Make Acrobat Safer
Adobe’s products have recently come under scrutiny from the security community. In fact, many have suggested that its products will be the main target for malware in 2010. Why? Adobe’s Acrobat Reader and Shockwave are very widely distributed, and many vulnerabilities are being discovered that often remain unpatched for a while. Adobe has some improving to do.
In the meantime, you can protect yourself somewhat and still use Acrobat Reader. These steps do not guarantee your safety but do reduce your risk profile.
Disable JavaScript
Many of the attack vectors are related to the use of JavaScript, so the obvious solution is to disable JavaScript. Follow these steps:
- Open Acrobat Reader
- Open the ‘Preferences’ dialog from the menu Edit > Preferences
- Uncheck ‘Enable Acrobat JavaScript’ on the ‘General’ or ‘JavaScript’ tab
- Save your changes
Prevent the Display of Acrobat Documents in the Browser
This prevents malicious links from displaying a PDF in your browser. Combined with the next recommendation, it also forces you to be more aware of the files you are about to view.
- Open Acrobat Reader
- Open the ‘Preferences’ dialog from the menu Edit > Preferences
- Uncheck ‘Display PDF in Browser’ on the ‘Internet’ tab
- Save your changes
Prevent Internet Explorer from automatically opening PDF documents
This step involves editing your registry file and is usually reserved for advanced users. Please make a backup of your registry before completing this step.
- Start the registry editor (regedit)
- You will be modifying a value under each of 2 keys, so navigate to these branches:
  - HKEY_CLASSES_ROOT\AcroExch.Document.7
  - HKEY_CLASSES_ROOT\AcroPDF.PDF.1
- In each branch, modify the value EditFlags. The new value should be:
  - 00 00 00 00 (REG_BINARY)
- Save your changes.
If regedit refuses to save your changes, you may need to modify the permissions on the branch. Do this by right-clicking the branch.
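The same registry change as a PowerShell script, added here as an example and not part of the original article. The backup folder and the -Apply switch are assumptions of this example; run it from an elevated prompt, first without -Apply to review the current values.

```powershell
# Added example: applies the EditFlags change described above to both branches.
# $BackupDir and -Apply are assumptions of this example, not Adobe settings.
param(
    [string]$BackupDir = "$env:USERPROFILE\acrobat-reg-backup",
    [switch]$Apply   # without -Apply the script only reports current values
)

$progIds = 'AcroExch.Document.7', 'AcroPDF.PDF.1'
$wanted  = [byte[]](0, 0, 0, 0)   # 00 00 00 00 (REG_BINARY)

foreach ($id in $progIds) {
    $path = "Registry::HKEY_CLASSES_ROOT\$id"
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "$id is not present on this machine; skipping"
        continue
    }

    # Report the current value so the change can be reviewed before it is made.
    $current = (Get-ItemProperty -LiteralPath $path -Name EditFlags `
                    -ErrorAction SilentlyContinue).EditFlags
    $shown = if ($null -eq $current) { '(not set)' }
             else { ($current | ForEach-Object { '{0:X2}' -f $_ }) -join ' ' }
    Write-Host "$id EditFlags = $shown"
    if (-not $Apply) { continue }

    # Export the branch to a .reg file first; skip the change if the backup fails.
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    & reg.exe export "HKEY_CLASSES_ROOT\$id" (Join-Path $BackupDir "$id.reg") /y | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "Backup of $id failed; leaving it unmodified"
        continue
    }

    try {
        # -Force overwrites an existing EditFlags value of any type.
        New-ItemProperty -LiteralPath $path -Name EditFlags -PropertyType Binary `
            -Value $wanted -Force -ErrorAction Stop | Out-Null
        Write-Host "$id EditFlags set to 00 00 00 00"
    } catch {
        # Typically an access-denied error: see the permissions note above.
        Write-Warning "$id could not be changed: $($_.Exception.Message)"
    }
}
```

Double-clicking a saved .reg file from the backup folder restores the original branch.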
Do Not Open Untrusted PDF Documents
If you do not know who the PDF is from or are unexpectedly asked to open a PDF, just say no.






