Well, it seems that Adobe is having another little problem with their software. It's not their fault, but it's also nothing to dismiss very easily. The problem found this time is with Reader (again), the program predominantly used by everyone to view PDF files.
The new problem is that it's been confirmed that malicious executable software can be embedded into a PDF file that, when the PDF is opened, runs the software in the background of your computer. While it's running in the background, this software can very easily open, run, and manipulate other parts of your computer's operating system. In effect, it can basically infect your computer the same way that malware (virus, Trojan, worm, etc.) can.
So now we have a problem: open and view a PDF, and your computer can be infected. However, don't fret, this isn't a major problem, at least not yet. Not a lot of attackers know of this exploit, much less know how to do it, so don't worry.
What can be done to remedy this? Again, a simple fix. This is from Adobe itself, they have put out a statement, urging users to apply this method.
1. Open up Adobe Reader.
2. Go to Edit --> Preferences ... this will open a pop-up window with options.
3. On the left-hand side of the window, where it says "Categories", go all the way down to where it says "Trust Manager" and click on that.
4. On the right-hand side, there should now be an option called "PDF File Attachments". Here, there should be a checkbox labeled "Allow opening of non-PDF file attachments with external applications". This is left on by default, which is the reason why you have this vulnerability in the first place.
Fixing this is easy: uncheck that box and click OK in the bottom-right corner.
That's it.
Another quick fix to your computer's security. Now you can download PDF's without worry. Happy browsing.
That's it.
Another quick fix to your computer's security. Now you can download PDF's without worry. Happy browsing.
