Advice Request Adobe Acrobat Reader DC - remaining attack vectors after hardening

[notabot]

“When you have to use Adobe Acrobat Reader DC for some tasks, then it is better to use by default another application for a daily work, and use Adobe Acrobat Reader DC only for the safe documents (but not as a default viewer”

If a doc comes from an unknown source or I simply don’t expect the doc, I always open it with a web viewer ( google docs or from a private cloud drive that offers a viewer ). Having two local readers on top of that is a bit too much for me ( though I see why people may want to do that as well ), I’d rather have one local viewer and operate it in hardened mode - and this is to cover the very unlikely but theoretically possible case where eg my utility company adds malware by accident to a pdf or a malware writer sends fake mail posing a trusted source

 

[Andy Ful]

I don’t agree with his argument for various reasons ( patch frequency for popular software , I find more scrutiny a good thing etc ) but this is a discussion for a different thread , I’m happy to participate in a topic like that but it can’t be that the answer to Harding xyz is don’t use it, use abc instead because it’s less of target due to less use and this is a pattern that’s consistent

You can do what you choose to do. That is nothing wrong in this, for you personally, and can be interesting for some users, too.
Please remember, that this thread is also for many other readers. Generally, not using Adobe Acrobat Reader (even restricted) will be safer and easier than using it. The same is true for MS Office applications.
Using Adobe Acrobat Reader DC is somewhat similar to using the revolver as a hammer. Yes, it is more universal as compared to the hammer (especially in the US). It can be also safe without the bullets.

 

[notabot]

You can do what you choose to do. That is nothing wrong in this, for you personally, and can be interesting for some users, too.
Please remember, that this thread is also for many other readers. Generally, not using Adobe Acrobat Reader (even restricted) will be safer and easier than using it. The same is true for MS Office applications.
Using Adobe Acrobat Reader DC is somewhat similar to using the revolver as a hammer. Yes, it is more universal as compared to the hammer (especially in the US). It can be also safe without the bullets.

I don’t see how the advise to avoid popular software is related to this thread or any thread that’s product specific, especially for other readers who may come here from a search engine due to the title which is about Adobe Reader.

Anyone’s free to use whatever software they want, it’s about not taking the threat out of topic

 

[Andy Ful]

I don’t see how the advise to avoid popular software is related to this thread or any thread that’s product specific, especially for other readers who may come here from a search engine due to the title which is about Adobe Reader.

Anyone’s free to use whatever software they want, it’s about not taking the threat out of topic

No offense, that advice was not for you, but for other MT readers. As I said, you can choose to use Adobe Acrobat Reader DC (AAR DC) for some reasons. The way of restricting AAR DC can be interesting to some users, who have to use it. Most of those restrictions, are applied when using the application Documents Anti-Exploit (made by me).

The advice was not about avoiding the popular software, but about avoiding one of the most frequently exploited software. It would be also true for any such software (MS Office, etc.).
You are right, that talking about avoiding AAR DC will be off topic, because you have already said, that you are interested only in restricting AAR DC for the maximum security.

 

[notabot]

Thanks for clarifying - I’d be happy to take part in a thread we’re this is the topic of discussion and I think it would be a good thread to discuss

Above settings would make Adobe Reader much more secure than default