Dangerous PDF Files

Microsoft published a list of eight names of known virus infected PDF files that have been repeatedly seen as the carrier of virus infections:

• pdf_new[1].pdf
• auhtjseubpazbo5[1].pdf
• avjudtcobzimxnj2[1].pdf
• pricelist[1].pdf
• couple_saying_lucky[1].pdf
• 5661f[1].pdf 7927
• 9fbe0[1].pdf 7065
• pdf_old[1].pdf

What  does that mean for you? Beware of any email attachment with any of these or similar file names!

One easy security measure against only exactly this type of virus is to disable Javascript in your PDF reader.. This depends on having the latest up-to-date version of the PDF reader installed.

If you use Adobe Reader at the time of writing the latest version is 11.0.3. Open the Edit menu and click on Preferences (or type Ctrl+K).  In the Preferences window click in the left side bar on Javascript. Then remove first the check mark by  "Enable global object security policy" and then the one by "Enable Acrobat Javascript". Then click OK to close the Preferences window. This is what the window looks like (emphasis added):

If you still have Adobe Acrobat installed please remove it and replace it with PDF-XChange Viewer! Well, if you actually use Adobe Acrobat regularly to create PDF documents then keep it up-to date and use it at your own risk.

Update May 27 2013:

If you use PDF X-Change Viewer at the time of writing the latest version is 2.5.210.Open the Edit menu and click on Preferences, select JavaScript, uncheck Enable JavaScript Actions and click “OK”. This is what the window looks like (emphasis added):

If you use a different PDF reader you have to find out if this reader allows embedded Javascript to be executed. If so then find out how to disable it.

Again, this avoids only Javascript viruses embedded in PDF files.
Additionally:
If you run any version of Adobe Reader older then 11.0.3 please upgrade immediately! After an upgrade you have to check if there is another older version of Adobe Reader installed; if so remove it! 

Should you have any difficulties with any of the above I will be glad to help. For things like these I do not need to come to your house, they can be fixed remotely.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

About Adobe Reader

I am getting too many emails with the same questions about Adobe Reader and/or PDF files.

Since December 2008 I have written several times about issues surrounding Adobe Reader. Here are all three articles referenced chronologically:

First article December 2008: What PDF Reader?
 
2nd. article June 2009: PDF Files on the Web
 
Recently I added a rant about Adobe’s incredibly brazen attempts to disown you and me of our computers:

3rd. article January 2010: Adobe, again it’s Adobe - Shun Their Reader!

If all the above is not sufficient to help you accept the workaround I outlined in the 2nd. article then I really don't know how to help. Go the “easy route” and re-install Adobe Reader again. I will gladly come back to clean up your computer when it is in a mess again.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Adobe Shockwave – Manual Update Required!

As you can read in this article at The Register Adobe again proves to be a company that seems not to know what they want. One part of their organization wants to take the user “out of the picture” and fully automate updating as I reported here, another department goes back to the stone age and requires us to manually un-install a dangerously flawed version of the Shockwave Player before we can install the most current version.

If you think “I never used such a thing as a ‘Shockwave Player’” and maybe ask yourself if just un-installing it would do the trick then you would be badly wrong.

Adobe’s Shockwave Player is required for a vast number of web sites. Many animations and things that seem to be videos on the Internet actually require Adobe’s Shockwave Player.

What is so annoying is the fact that Adobe requires us to go the archaic route to manually un-install before we can download and install the current version.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Adobe, again it’s Adobe - Shun Their Reader!

Now this is worth reading I think; take some time, get a cup of Java and read on.
Regularly I receive a MS-Windows specific newsletter that usually has pertinent and correct information. Here is a literal quote that I think is worth reading (emphasis added):

Beginning April 13, Adobe plans to release automatic, silent updates for its Adobe Reader PDF-viewing software.

In an interview with InfoSecurity.com, Brad Arkin, Adobe director of product security and privacy, said Acrobat Refresh Manager was quietly installed on millions of machines worldwide as part of the October 2009 quarterly patch released by the company.

The new, silent updater is currently disabled. Now, as before, Adobe Reader prompts users when an update is available and lets them decide whether to install it. Adobe wants to change this because users often postpone an update until they're confident the patch won't cause problems of its own. This delay opens what Arkin calls a "window of vulnerability."

Acrobat Refresh Manager is designed to take the user out of the equation; the updates will install when Adobe wants them to. This week's scheduled Adobe Reader update will begin test-activating the new updater with "selected users."

Depending on the results of this testing, Adobe Reader's automatic, silent updater may be operational across the millions of Reader installations starting in April. The company currently has announced no plans to launch an automatic-update feature for its Flash Player or any other Adobe products.

IMHO that is a typical example of a big company taking over my computer without either informing me nor asking my consent! What Adobe’s director of privacy and security sys there means:

1. Adobe does on my computer what they want when they want it and however they want to do it. They treat my computer as if it were theirs!
2. I am being “silenced” – and I don’t like that, believe me!
3. Adobe decides to use my computer and me as their guinea pig whether I like it or not, whether I am willing to cooperate or not!

What are these idiots at Adobe thinking? That is worse than Microsoft eventually labeling new functionality that only helps them as a “security update”. I have written about Adobe’s more than questionable policies and related problems here and here.

For me the consequences are clear: Adobe Reader gets removed from all my computers! I will replace it with PDF X-Change Viewer; how to get PDF X-Change Viewer is described here.

Commonly recommended alternatives like CutePDF, Foxit Reader and eventually others will attempt to install gunk-garbage like the Ask-Toolbar and make other not desirable changes. User beware!

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

PDF Files on the Web

Imagine you are on the Internet, browsing away and enjoying yourself. You come to a place where the web page offers you a PDF file. BTW, PDF stands for Portable Document Format, an invention of a company with the name Adobe. Years ago there was only one program around to show the contents of PDF files, the Adobe Reader. That situation has changed massively; we have various good PDF readers available. Most of them are smaller than Adobe Reader, much faster and many good ones are free. On top of that eventual errors or shortcomings usually get corrected MUCH faster than Adobe does it. You can read more about that here.

If you want to read that piece of documentation you either get to see the document and all is hunky dory. But on some web sites you get an idiotic error message to the effect that the system can not find Adobe Reader and you should install it. Bummer!

You happen to be on a very dumb programmed web site. Even HP does that if you want a manual from their support site.

What a web site should do is send the PDF file to the browser who then shows it to you in whatever PDF Reader you have installed on your computer. You should have a good one installed! See the article I linked to above and below.

What your web site actually tries to do is to directly load Acrobat Reader with the PDF file. That is nonsense and only understandable in a historic context; way back when there were no alternatives. There are plenty of reasons to shun Adobe Acrobat Reader. I wrote here about recent ones.

Here is what you can do to circumvent this problem:

1. Right click on the link to the PDF file.
2. Click on Save Link As...
3. Navigate to a location you know and can find again.
4. Check the file name and amend it if required.
5. Click on OK (or Save?).
6. Navigate to the file and double click it.

This sounds more difficult than it is but it is the secure way - and you have the document on your computer.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

What PDF Reader?

You need a pdf reader to be able to see Portable Document Format (pdf) files. At this time (February 2010) I prefer Tracker Software’s PDFXChange reader over Acrobat Reader.

It can be potentially risky to open pdf files directly in the web browser. I strongly recommend to save such files first on your own computer. During this save operation the file will be scanned for viruses. Then you can open it just by double clicking the file.

If a web site does not allow this procedure then I would complain bitterly with their webmaster. They force you to use potentially unsafe procedures in the name of convenience.

Here is a quote from a recent security newsletter I am subscribed to:

What conclusion can be drawn from this unusual — Eugene calls it "rare" — example of how two companies approach nearly-identical security holes? Obviously, you should use Foxit, not Adobe Reader. Windows Secrets contributing editor Scott Dunn recommended exactly that in his Apr. 28 Top Story.

Clearly, free software offered by small companies often runs rings around the big-buck alternatives. But you already knew that, too.

The original article is too long and way too detailed to be quoted here.

Another note in this context:

Adobe Reader used to occupy about 20MB to 30MB space on your disk drive. At the time of writing the latest version is 9.x. This occupies 204MB disk space - and "naturally" not a word from Adobe about the fact itself and/or why they hog that much space.

Edit 01/06/09:
Okay, currently Foxit does not open a PDF file directly in the Firefox browser. If the added security (see above) is not important to you then you could use PDF-XChange reader as a free alternative; it opens PDF documents directly in Firefox.

If you want to use PDF-XChange reader please un-install all other PDF readers first.

Clarification 10/31/2009
and update 4/27/2010:
Here is the link to the download page for PDF-XChange. Please make sure you are on the End User Downloads tab and have the MSI Installer selected before you click on Download Now. 
  
After the download is finished find the downloaded installer file and run this program. You can install it with the default options and you can de-select the Language Pack if English is good enough for you.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.