Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Thursday, December 19, 2013

Can PDF Files Harm Your Computer?

You may have noticed that when you download PDF (Portable Document Format) files in Chrome, it will warn you that the file might harm your computer. On the surface, PDFs are seemingly harmless files containing nothing more than text and images. But there's more to PDF files than most people realize. For example, PDF files can contain scripts, embedded media and other such potentially malicious content.

It turns out that the PDF format is actually quite complicated. It isn't just text and images as you might expect. It has a lot of unnecessary features that have opened many security holes in the past. 

JavaScript: PDFs support JavaScript code, which is the same language that is used to display content in your web browser. This allows them to be as dynamic as web pages. JavaScript code in PDF documents can run automatically upon opening the document and have been known to exploit many security holes in Adobe Reader. There are even many Adobe Reader-specific JavaScript APIs, some of which are insecure and have been exploited.

Embedded Flash: Although Flash is a popular technology, there are many insecurities present in Flash - the very reason that Apple has famously refused to allow Flash on its mobile products. Until April 10, 2012, Adobe Reader had its own internal Flash player. Now Adobe Reader uses the version of Flash that is installed on your system. As long as you have the latest version of both Adobe Reader and Flash, you should mostly be free from any security risks.

Launching External Applications: Adobe Reader used to have a feature where it could run any external application in the system by asking for a confirmation through a pop-up window. If you clicked OK, you could have opened a potentially malicious program. Adobe Reader now no longer supports this feature.

Embedded PDF files: Sometimes, a PDF file can contain an embedded malicious PDF file. Although your antivirus would detect the PDF as not malicious, the PDF would launch another embedded malicious PDF after opening it. This fools antivirus scanners because they cannot detect the presence of the hidden PDF file.

Embedded Media: Sometimes, PDFs can contain embedded media players such as QuickTime player or Windows Media Player. Any security holes in such media players can harm your computer.

PDFs are now much safer

Although the PDF format has a lot of features that most people will never use, it is now much safer than it used to be. This is because Adobe has introduced a new sandboxing feature called 'Protected Mode' in Adobe Reader X. This allows Adobe Reader to only access certain parts of the operating system. That means that hackers will have to find two security holes: one in the PDF viewer and another in the sandbox. Only then can they escape the sandbox and do damage to the rest of the computer. This is very similar to Google Chrome's sandboxing feature, where the browser isolates Chrome processes (tabs) from the rest of the operating system.

You can also opt for one of the many third-party PDF readers that don't have the above features. In fact, you don't even need a PDF reader because Chrome and Firefox both have integrated PDF readers which are pretty secure. In case you do opt for a PDF reader, just make sure that it's updated to the latest version and you should be safe.