Skip to main content
M
Mi-22462936j9rm
Participant
January 1, 2022
Question

How "Sanitize Document" can be useful if you already has opened a document?

  • January 1, 2022
  • 3 replies
  • 1406 views

PDFs can contain malware. So it's dangerous to view some of them. Then there is such feature as "Sanitize Document", but to use it we should start with opening a potentially dangerous PDF. So how this function can protect if you have to open it first? Can't something malicious start to work before you run santitize function?

    This topic has been closed for replies.

    3 replies

    Dave Creamer of IDEAS
    Community Expert
    Dave Creamer of IDEASCommunity Expert
    Community Expert
    January 1, 2022

    You are conflating sandboxing with sanitizing. 

     

    Acrobat has a "sandboxing" feature to protect your system from malicious code. 

     

    Sanitizing is to remove any of YOUR potential private data or features you don't want to share. Here is a list of the hidden data that can remove:

    https://helpx.adobe.com/acrobat/using/removing-sensitive-content-pdfs.html#remove_hidden_information_options

    David Creamer: Community Expert (ACI and ACE 1995-2023)
    try67
    Community Expert
    try67Community Expert
    Community Expert
    January 1, 2022

    Not entirely correct. See my reply above.

    T
    Test Screen Name
    Legend
    January 1, 2022

    The "Sanitize" feature is not designed to remove malware; I think this is a good guess based on the name, but it's not what it is for. It's to remove your personal info before sharing a file.

      try67
      Community Expert
      try67Community Expert
      Community Expert
      January 1, 2022

      That's not entirely accurate. This command will also remove links, actions and scripts from the file. Those have nothing to do with your personal info.

       

      Here's the full list:

       

       

      Thom Parker
      Community Expert
      Thom ParkerCommunity Expert
      Community Expert
      January 1, 2022

      Years ago there were several malicious PDF exploits that used memory overflow errors to get malware into Acrobat. None of these were ever real problems, and Adobe put in fixes real fast. I have not heard of any serious security issues in a long time.  However, some of these exploits did use JavaScript to cause the memory issue, and since sanitize removes scripts, it does in fact offer protection from a potential security problem.  Opening such a compromized PDF does not pose a threat if you just turn off JavaScript execution in the preferences. 

       

       

      Thom Parker - Software Developer at PDFScriptingUse the Acrobat JavaScript Reference early and often
      try67
      Community Expert
      try67Community Expert
      Community Expert
      January 1, 2022

      Not really. If something truly malicious is embedded in a PDF file (which is not a common thing at all, by the way), then it will likely escape the "sanitize document" command anyway, by being hidden deep inside the internals of the file.

        Terms & ConditionsAccessibility statement
        Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices