Snippet: Keep Your PC Safe from Rogue PDF Files

Symantec’s latest white-paper reports that the top web-based attacks observed in 2009 were primarily targeted towards vulnerabilities in Internet Explorer and applications that process PDF files. Apparently 49% of all web attacks (up from 11% in 2008) was based on injecting malicious code into a perfectly innocent looking PDF file. This new type of exploit will display a simple dialog, appearing to innocuously enable the viewing of encrypted content. Clicking “accept” will then launch and install the malware on your computer. The truly deadly threat of this exploit is that it is embedded into the PDF file itself, and so it affects all PDF readers.

Therefore, it is more important than ever to ensure that your PDF reader is secured from launching malicious code.

If you are using the latest Adobe Reader, you can ensure that you are protected by going to Edit -> Preferences -> Trust Manager and uncheck “Allow opening of non-PDF file attachments with external applications”.

adobe - preferences

adobe - trust manager

If you use the more lightweight alternative Foxit PDF Reader, the method is similar. In Foxit when you click on an external link you see the following dialog:

foxit - safety_popup

So, in Foxit you are protected by default. However, if you are sure that the file you are trying to open is secure you can disable this feature by navigating to Tools > Preferences > Trust Manager and uncheck “Enable Safe Reading Mode”.

foxit - preferences

foxit - trust manager

Snippet is a short tip/trick or just a quick fix for a certain issue that we discover from time to time. Don’t forget to subscribe to our RSS feed for more up to date tutorials/tips/tricks.

Image credit: fpsurgeon