3 Replies Latest reply on Jan 19, 2013 10:03 AM by Dave Merchant

    "security" application package to CLEAN the widely "known" Malicious code?

    HistorianRigemental Level 1

      Professionally & Personally - I use, make, and Read many PDF files daily [reports, documents, & books]; I have many "many" thousands of PDF documents in my Archives.

       

      A. Background:

       

      1.    I have heard, since Acrobat 5, many security specialist have deemed JAVA as a THREAT; and PDF as a security concern! Recently Reported Home Land Security has deemed JAVA as an on-going "continuing high threat", in spite of se7u11; reported that DHLS expressed that 28% of reported ATTACKS were from Adobe Acrobat PDF files embedded user malicious software code [ever growing numbers of attacks]. <PDF security is a major growing DOD concern!>

       

      2.    To my great surprise from "IT" professional who disabled JAVA in his Department's systems, the current Security Software and specific program updates offer no real solution or resolutions to this ongoing security problem. I understood that Virus and Trojan Checkers do not check malicious software code hidden inside PDF files, and software updates do not remove or make safe the malicious software code in the actual PDF – thus it remains a potentially very DISTRUCTIVE-DATA-BOMB just setting in your databases awaiting to be activated at some future date.

       

      3.    "This is very tedious and time consuming!" I have since disabled JAVA in my Adobe Acrobat and run each PDF through "PDF OPTIMIZER" - Discarding all User Data, User Objects, and especially User JAVA Codes – and disable my LAN internet connection -- before utilizing it. I don’t know if this is of any good or not – but I feel safer.

       

      B. PROBLEMS & QUESTIONS (I’ve given each question its own string to assist with preventing confusion)!

       

      4.    CLEAN OLD FILES! Has Abode Acrobat issued stand alone "security" application package to CLEAN the widely "known" Malicious code or attack internet sites from PDF files? I was informed that Security Software doesn't perform this specific function inside PDF files. Does Adobe have a similar Microsoft Windows Malicious Software Removal Tool? What is Adobe's solution?

        • 1. Re: "security" application package to CLEAN the widely "known" Malicious code?
          George_Johnson MVP & Adobe Community Professional

          The recent homeland security warning concerned a version of Java, which is entirely different than JavaScript, which can be included in PDFs. As you've found, Acrobat can sanitize a document, in part by removing any JavaScript that it contains. Since it's gone, any threat that it may have posed is gone. Disabling JavaScript is effective as well. Since version 10 on Windows, Acrobat/Reader offer Protected View/Mode which significantly increases security by preventing a number of types of possible attacks.

          • 2. Re: "security" application package to CLEAN the widely "known" Malicious code?
            HistorianRigemental Level 1

            Hello George Johnson

             

            I do so appreciate your assistance…

             

            Although I have used in business and own computers since the 1970’s [built one myself from a kit in 79], I’ve not had to concern myself with programming since, DOS, Lotus/IBM/Apple Basic and COBAL --- especially after XP release I gave up even trying to figure what each does. I did not mean to offend as to which specific JAVA version and/or product is the problem, since I personally have no CLUE – and today totally depend upon goodwill of smart guys like you.

             

            Specifically why recently DHLS [IT security folks and DOD for many years] is saying that Malicious Software code in PDF files is such a big threat and responsible for 28% of the systems attacks I do not know the technicalities or reasoning of these assertions – except it had something to do with JAVA CODE/JavaScript[?] contained inside the actual PDF which virus software doesn’t detect or destroy?  I do not know if it is the Additional CODE placed inside the PDF by the bad actor and/or the changing of actual Adobe Program Code is the problem? I may be chasing may tail!

             

            My biggest concern for many years into the future -- is protecting my very large PDA database/Archive, multiple Systems, my personal information, and to try to the best of my ability to not pass PDF having within it Malicious Software CODE [JAVA CODE/JavaScript?] put into it by a bad actor.

             

            Since my PDF database Archives [and back-ups] is many terabytes – it is impossible to “import” each PDF into Acrobat and run PDF Optimizer (removing Adobe known user placed codes and data) – as I am doing now – much less trying to figure out what else I should check for within the PDF file or the ever increasing updates, changes, versions of plugging the hole in the dikes…..

             

            So George, back to my question,  Has Abode Acrobat issued stand alone "security" application package to CLEAN the widely "known" Malicious code or attack internet sites from PDF files? [You know 28% DHLS & DOD is talking about.] I was informed that Security Software doesn't perform this specific function inside PDF files. Does Adobe have a similar Microsoft Windows Malicious Software Removal Tool? What is Adobe's solution?

             

            Thank you so very much for your knowledge, help, and interest.

            • 3. Re: "security" application package to CLEAN the widely "known" Malicious code?
              Dave Merchant MVP & Adobe Community Professional

              Java has nothing to do with JavaScript. Acrobat and Adobe Reader do not include any Java in their codebases, neither can a PDF file contain any Java. The security concerns around Java are completely irrelevant to the Acrobat Family.