Advice Request Adobe Acrobat Reader DC - remaining attack vectors after hardening

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
“When you have to use Adobe Acrobat Reader DC for some tasks, then it is better to use by default another application for a daily work, and use Adobe Acrobat Reader DC only for the safe documents (but not as a default viewer”

If a doc comes from an unknown source or I simply don’t expect the doc, I always open it with a web viewer ( google docs or from a private cloud drive that offers a viewer ). Having two local readers on top of that is a bit too much for me ( though I see why people may want to do that as well ), I’d rather have one local viewer and operate it in hardened mode - and this is to cover the very unlikely but theoretically possible case where eg my utility company adds malware by accident to a pdf or a malware writer sends fake mail posing a trusted source
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
I don’t agree with his argument for various reasons ( patch frequency for popular software , I find more scrutiny a good thing etc ) but this is a discussion for a different thread , I’m happy to participate in a topic like that but it can’t be that the answer to Harding xyz is don’t use it, use abc instead because it’s less of target due to less use and this is a pattern that’s consistent
You can do what you choose to do. That is nothing wrong in this, for you personally, and can be interesting for some users, too.
Please remember, that this thread is also for many other readers. Generally, not using Adobe Acrobat Reader (even restricted) will be safer and easier than using it. The same is true for MS Office applications.
Using Adobe Acrobat Reader DC is somewhat similar to using the revolver as a hammer. Yes, it is more universal as compared to the hammer (especially in the US). It can be also safe without the bullets.(y)
 

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
You can do what you choose to do. That is nothing wrong in this, for you personally, and can be interesting for some users, too.
Please remember, that this thread is also for many other readers. Generally, not using Adobe Acrobat Reader (even restricted) will be safer and easier than using it. The same is true for MS Office applications.
Using Adobe Acrobat Reader DC is somewhat similar to using the revolver as a hammer. Yes, it is more universal as compared to the hammer (especially in the US). It can be also safe without the bullets.(y)

I don’t see how the advise to avoid popular software is related to this thread or any thread that’s product specific, especially for other readers who may come here from a search engine due to the title which is about Adobe Reader.

Anyone’s free to use whatever software they want, it’s about not taking the threat out of topic
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
I don’t see how the advise to avoid popular software is related to this thread or any thread that’s product specific, especially for other readers who may come here from a search engine due to the title which is about Adobe Reader.

Anyone’s free to use whatever software they want, it’s about not taking the threat out of topic
No offense, that advice was not for you, but for other MT readers. As I said, you can choose to use Adobe Acrobat Reader DC (AAR DC) for some reasons. The way of restricting AAR DC can be interesting to some users, who have to use it. Most of those restrictions, are applied when using the application Documents Anti-Exploit (made by me).(y)

The advice was not about avoiding the popular software, but about avoiding one of the most frequently exploited software. It would be also true for any such software (MS Office, etc.).
You are right, that talking about avoiding AAR DC will be off topic, because you have already said, that you are interested only in restricting AAR DC for the maximum security.(y):giggle:
 

notabot

Level 15
Thread author
Verified
Oct 31, 2018
703
Thanks for clarifying - I’d be happy to take part in a thread we’re this is the topic of discussion and I think it would be a good thread to discuss

Above settings would make Adobe Reader much more secure than default
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top