The National Security Agency (NSA) has issued a technical report for systems administrators to prevent cyber actors from using malicious PDFs to target networks in a Windows environment.
Adobe Acrobat Reader DC software is the latest global standard for reliably viewing, printing, and commenting on PDF documents. The report advises administrators on how to configure their Adobe reader settings to minimize the risks of malicious PDFs.
Specifically, the report recommends administrators implement modern security features for sandboxing and access control to help limit what malicious PDFs can do.
“Malicious PDFs continue to be an access vector to compromise networks,” NSA Cybersecurity Director Rob Joyce said. “Follow these recommendations to secure your Adobe Reader and make it harder for the adversary to find a way in.”
The report provides guidance for those who only utilize Adobe reader for the basic viewing function for PDFs, as well as more detailed guidance for those who use it for more complex uses such as data sharing.
“Simply configuring Acrobat’s security settings is not enough to completely secure a system,” the report says. “As with all commercial products, the system administrator must also configure a secure operating environment and stay current with all security-related patches and updates to that environment.”