PDF security, please?

Submitted by tnstaec in security_culture

I know there can be security issues with PDFs, but I'm only vaguely aware of them. I'm sure there's all kinds of malignant shit like exploits and hidden malicious code that may exist. What should folks look out for? How can we protect ourselves? I've got a massive e-book library I want to start sharing. Is there a way to clean any infected files so I can safely share them?




GrimWillow wrote (edited)

Essentially the dangers mostly involve issues with the dynamic elements of the PDF, such as the JavaScript. Most modern PDF readers will warn you that it is potentially malicious to load if it detects some scripts being run, but they let you choose to continue, and once the connection is made (this includes opening it from a browser as a client) it may deliver a payload, or simply mine your data and send it somewhere, without you knowing it.

A good way to ensure that it won't do anything to you, even if it is infected, is to open it in a live booted environment (without mounting any drives) with the internet disconnected during the time that you are running and looking at it.

There are services online that check malicious files for you, such as VirusTotal. I usually use this service to check random files I download from the net.
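
An added example, not part of the comment above: a triage scan that flags PDFs carrying the dynamic elements mentioned there, so a library can be sorted before sharing. The function names and sample bytes are made up for illustration, and the keys beyond JavaScript are taken from the PDF specification rather than from this thread.

```python
import re
import sys

# Name keys that mark active content. "JavaScript"/"JS" are the scripts the
# comment mentions; the rest are auto-run, launch and attachment keys from the
# PDF specification (an addition here, not named in the thread).
RISKY_NAMES = ("JavaScript", "JS", "OpenAction", "AA", "Launch", "EmbeddedFile")

# A PDF name is "/" followed by any bytes up to whitespace or a delimiter.
_NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
_HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes, so /J#61vaScript is read as /JavaScript."""
    return _HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def scan_pdf(data: bytes) -> dict:
    """Count each risky name in the raw bytes (exact match after decoding).

    Names inside compressed object streams are not visible to this scan.
    """
    counts = {name: 0 for name in RISKY_NAMES}
    for match in _NAME_RE.finditer(data):
        name = decode_name(match.group(1))
        if name in counts:
            counts[name] += 1
    return counts


def has_active_content(data: bytes) -> bool:
    return any(scan_pdf(data).values())


# Constructed sample fragments, not real documents.
SAMPLE_ACTIVE = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
                 b"2 0 obj\n<< /S /J#61vaScript /JS (placeholder) >>\nendobj\n")
SAMPLE_CLEAN = b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            hits = {k: v for k, v in scan_pdf(fh.read()).items() if v}
        print(path, hits or "no active-content keys found")
```

A hit means the file carries active content worth a closer look, not that it is malicious. Run it with the PDF paths as arguments.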