Sunday, August 15th, 2010
AVG (AU/NZ) shows how business and home users can secure Adobe Reader so their PCs don't get infected.

It should go without saying that the best way to deal with malware is, of course, not to get infected in the first place.

Lloyd Borrett, Security Evangelist for AVG (AU/NZ) says, “Being aware of what products are being targeted by the bad guys may help you as well, so it may be useful to know that at the moment Adobe products are virtually the number one target across the world with millions of PCs being hit by infected Adobe PDFs. Others are being spawned via Adobe Flash ads via Facebook and other social media web sites.”

Attackers send a file that has malicious code embedded in it. Once the file is opened, the computer is infected, typically with some form of identity theft malware that then steals data.

The Adobe PDF and Adobe Flash browser plug-ins are also used in “drive-by download” attacks where malware is downloaded onto the PC while the user is surfing the web.

“Adobe products, just like Microsoft Windows and Microsoft Office, have near universal use on home and business computers making these applications prime targets for the bad guys,” Borrett continues. “Unfortunately, since the bad guys realised this and turned their attention to finding security holes in them, they have been very successful.”

Of course, the easiest way to avoid the risk of being compromised via these Adobe products is not to install them! However, this is virtually impossible for most home and business Internet users.

So if you must use Adobe Reader, then please take the time to secure it.

How to secure Adobe Reader

1. Open the Adobe Reader application and choose ‘Edit’ and then ‘Preferences’.

2. On the left you will see several different categories of options to modify.

3. Under the ‘JavaScript’ category there is a checkbox ‘Enable Acrobat JavaScript’. Make sure this checkbox is not ticked/selected so that you disable Adobe Reader’s ability to run dangerous JavaScript from a PDF.

4. Under the ‘Security’ category, to specify that digital signatures are handled securely make sure the ‘Verify signatures when the document is opened’ checkbox is ticked/selected.

5. Under the ‘Security (Enhanced)’ category, make sure the ‘Enable Enhanced Security’ checkbox is selected to help with data protection and privacy.

6. Under the ‘Trust Manager’ category we’d recommend you disable Acrobat’s ability to call external applications to handle non-PDF file attachments. So, after the ‘PDF File Attachments’ heading, make sure the ‘Allow opening of non-PDF file attachments with external applications’ checkbox is not ticked/selected.

7. Then click on ‘OK’ to exit changing the preferences.

Adobe is working to address the security vulnerabilities in its products, so it’s vital to make sure you regularly check for updates to Adobe Reader, Adobe Flash and other Adobe applications. Turn on the automatic updates so that your Adobe software stays up-to-date.

Borrett adds, “And also don't forget to install a complete security suite solution like AVG Internet Security that will provide you with total protection as you work, shop, bank and play games online.”

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

Contact Profile

Keywords

AVG, Internet security, cyber-criminals, Adobe

Categories

Sharing

More Formats