Skip to main content
S
Sunny26326757tb7e
Known Participant
May 4, 2023
Question

Is there any risk to Windows 10 computer when Adobe App opens a PDF which is actually exectuable?

  • May 4, 2023
  • 3 replies
  • 3837 views

My understanding has been, when

  1. I click on a PDF and
  2. Adobe is default program for PDF Extension

Adobe should displays the error message, "not a supported file type". 

I thought Adobe would not just refuse to open this file and therefore no security risk to Windows 10 computer.

However, I need confirmation due to security advsise from following website to ensure PDF is not executable

 

https://blog.fileformat.com/2021/10/16/malicious-pdf-files-and-how-to-protect-from-these/#:%7E:text=Stop%20PDF%20readers%20to%20execute%20non-PDF%20files%20Ensure,opening%20PDF%20attachments%20sent%20by%20unknown%20email%20sender%22https://blog.fileformat.com/2021/10/16/malicious-pdf-files-and-how-to-protect-from-these/#:%7E:text=Stop%20PDF%20readers%20to%20execute%20non-PDF%20files%20Ensure,opening%20PDF%20attachments%20sent%20by%20unknown%20email%20sender%22 

This topic has been closed for replies.

3 replies

S
Sunny26326757tb7eAuthor
Known Participant
May 8, 2023

Thanks Shijie, I found CDR "Content Disarm & Reconstruction" for all potentially malicious code. When this webpage prohibits pasting URL, it is in Wikipedia which does not list Adobe as provider; Does Adobe have similar solution?

JR Boulay
Community Expert
JR BoulayCommunity Expert
Community Expert
May 4, 2023

This article is a load of rubbish just to get traffic and clicks on ads.
Nothing serious.

Acrobate du PDF, InDesigner et Photoshopographe
S
Sunny26326757tb7eAuthor
Known Participant
May 5, 2023

Thanks, your comment is comforting but I should add my primary concern is untrusted PDF because

  1. my IT Department advise is the only accpetable type of untrusted file  is Text.
  2. Both Adobe and Microsoft have settings for untrusted PDF.

My concern is to modify Product User Manual and Engineering Drawings from internet which are in PDF and classified untrusted . 

try67
Community Expert
try67Community Expert
Community Expert
May 5, 2023

What is a "trusted" PDF file, and how do you decide it's "trusted" before opening it?

T
Test Screen Name
Legend
May 4, 2023

There's no such thing as an executable PDF. That's not what the article says. It says to avoid executable files that pretend to be PDF. You need to protect yourself against unchecked executable files in general, using normal malware protection. 

S
Sunny26326757tb7eAuthor
Known Participant
May 8, 2023

Thanks my computer already have AntiVirus program active and up to date which I always thought is enough but:

  1. I seriously doubt if any IT department warn without support from Security Experts to create work for end-users.
  2. I have not yet found support if Antivirus program warn, if not quarantee a exectuable that pretend to be PDF.

On my personal computer. I have always been using Microsoft 365 Home Defender and open PDF from internet. But on work computer, I should follow Enterprise security rules but also need to open PDF from Internet.

Because I am not blocked to download PDFs, security risk is probably low but this allowed practise conflict with IT advise to download Text File only.

I wonder if other enterprise end-users face such dilemna ?

When there is no progress in this post, to improve security, I am requesting IT to enable Microsoft Application Guard because hardware virtualisation in general trumps software virtualisation.

 

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices