Fact: Simply opening an infected PDF file can get your device compromised.
Need: to open PDF files more safely.
PDF probably is the most commonly used format to facilitate exchange of electronic copy of documents.
We share content using PDFs all over the web, through emails. And we receive our statements, bills, invoices from our providers. We open PDF files and store them as data all the time. We need to keep it safe.
Isn’t PDF file safe? It’s just a read only document
Well, it used to be. But not anymore.
PDFs have evolved from read only documents to complex documents with interactive forms, multimedia, dynamic code running and more.
Vulnerabilities in PDF viewers could lead to malicious code execution by simply opening the PDF file. And the result is malware infection.
Tips to open PDF files more safely
- Keep your system up to date
- Use browser’s build in PDF viewer
- Disable javascript in your PDF viewer
- Use protected mode (for Acrobat Reader DC)
- Open in isolated virtual machine instead
1. Keep your system up to date
Not just the operating system.
But also your browsers and PDF viewers. To ensure any known vulnerabilities are taken care of. Minimize your exposure.
2. Use browser’s build in PDF viewer
Popular browsers like Google Chrome, Microsoft Edge & FireFox all have build in PDF viewer.
Don’t need to use plug-in. Use build in PDF viewer for better security measures.
3. Disable javascript in your PDF viewer
Yup, PDF can embed javascript.
Most of the time, we open PDF files just for reading. So you should disable javascript by default.
Other popular PDF Viewers like Foxit Reader and Nitro PDF Reader can also run javascript. Be sure to disable javascript if you are using those too.
4. Use protected mode (for Acrobat Reader DC)
Acrobat Reader DC also allows you to run in sandbox protected mode. Enable it as default.
- go to Edit > Preferences > Security (Enhanced)
- select Enable Protected Mode at startup
- select All fiiles for Protected View
- click OK
Note: The Run in AppContainer feature is official in the latest version. Make sure it’s checked also.
In protected mode, some operations like Print is not available. But you can always click Enable All Features to trust the document and release from protected mode.
5. Open in isolated virtual machine instead
If the source of the PDF file is unknown or suspicious, the best approach is not to open it.
However, if the PDF file still gets you enough interest to view it, view it inside a virtual machine. Just like how we use vm to achieve safer web browsing.
Silicon
11 Jul 2020Alan, your website is an absolute gold mine! Excellent topics, well explained and very enjoyable to read. I had to reach out and say “Thank you”. P.s I will be looking to try out many of your suggestions now.
Alan Chan
16 Aug 2020You are welcome! cheers
Annie
26 Aug 2020Alan, a small non-profit I volunteer for is starting up a newsletter. We think our easiest option for a nice looking and easy-to-create document is to use Word or Publisher and save to pdf — distributing the pdf as an email attachment.
Would you consider this type of pdf distribution to be safe — ie, created on a known, trusted computer by a trusted organization/person? In other words, for a pdf to be insecure to open, does it have to have been intentionally created to be malicious?
We realize we could use Outlook or another email program that allows fancier formatting in the body of an email message and, therefore, avoid attachment. But our results w/ Outlook so far are not consistently well-formatted, and definitely vary with different email systems. We don’t have a lot of time or expertise to perfect!
Thank you!
Alan Chan
27 Aug 2020Hi Annie,
legitimate pdf created by trusted organization/person at a clean trusted compputer is not a problem.
dangerous pdfs are those attached with malicious code that exploits weakness of the pdf reader.
These malicious pdfs usually come as attachment in spam/phishing emails from uninvited senders.
Alan