Fact: Simply opening an infected PDF file can get your device compromised.

Need: to open PDF files more safely.

PDF probably is the most commonly used format to facilitate exchange of electronic copy of documents.

We share content using PDFs all over the web, through emails. And we receive our statements, bills, invoices from our providers. We open PDF files and store them as data all the time. We need to keep it safe.

Isn’t PDF file safe? It’s just a read only document

Well, it used to be. But not anymore.

PDFs have evolved from read only documents to complex documents with interactive forms, multimedia, dynamic code running and more.

Vulnerabilities in PDF viewers could lead to malicious code execution by simply opening the PDF file. And the result is malware infection.

Tips to open PDF files more safely

  1. Keep your system up to date
  2. Use browser’s build in PDF viewer
  3. Disable javascript in your PDF viewer
  4. Use protected mode (for Acrobat Reader DC)
  5. Open in isolated virtual machine instead

1. Keep your system up to date

Not just the operating system.

But also your browsers and PDF viewers. To ensure any known vulnerabilities are taken care of. Minimize your exposure.

2. Use browser’s build in PDF viewer

Popular browsers like Google Chrome, Microsoft Edge & FireFox all have build in PDF viewer.

Don’t need to use plug-in. Use build in PDF viewer for better security measures.

3. Disable javascript in your PDF viewer

Yup, PDF can embed javascript.

Most of the time, we open PDF files just for reading. So you should disable javascript by default.

Acrobat reader disable javascript
e.g. for Acrobat Reader DC, uncheck Enable Acrobat JavaScript at Preferences > JavaScript

Other popular PDF Viewers like Foxit Reader and Nitro PDF Reader can also run javascript. Be sure to disable javascript if you are using those too.

4. Use protected mode (for Acrobat Reader DC)

Acrobat Reader DC also allows you to run in sandbox protected mode. Enable it as default.

  • go to Edit > Preferences > Security (Enhanced)
  • select Enable Protected Mode at startup
  • select All fiiles for Protected View
  • click OK

Note: The Run in AppContainer feature is official in the latest version. Make sure it’s checked also.

Acrobat reader enable protected mode

In protected mode, some operations like Print is not available. But you can always click Enable All Features to trust the document and release from protected mode.

5. Open in isolated virtual machine instead

If the source of the PDF file is unknown or suspicious, the best approach is not to open it.

However, if the PDF file still gets you enough interest to view it, view it inside a virtual machine. Just like how we use vm to achieve safer web browsing.

Leave a Reply

Close Menu