Can PDF have Virus?


​Best Anti-malware

MalwareFox ​Premium


  • ​Removes Malware which Antivirus cannot
  • Protects from ​Ransomware Attacks
  • ​Lightweight​ and Fast ​Detection

PDF is convenient file format to share documents. It is widely used for personal as well as official communication channels. Its popularity makes it target of malware attackers. Though not always vulnerable and infected but some PDFs can have virus or another hidden malware.

Being the most common email attachment, PDF is commonly targeted to breach computer networks. Advanced forms of PDF malware are not easily detectable by Secure EMail gateways.

How are PDFs Infected?

PDF is a powerful document which contains static elements (images and text), dynamic elements (forms) and embedded signatures. These elements are necessary to make document visually appealing and consistent, there is a darker side to it.

Above mentioned capabilities have been misused to inject malicious scripts. Javascripts are mostly used for infesting malware on victim’s computer. PDF files include the ability to execute code on your device—and that’s where the real danger lies.

Javascript – Javascripts are used in the website coding to control browser appearance and functionality. In past, it has been used to exploit multiple vulnerabilities in Adobe as well as many other PDF readers.

System Commands – Launch action in PDF can open Command window and execute commands to initiate malware. Most of the commands have now been disabled by Adobe but they might be open in other readers or earlier versions.

Hidden Objects – PDFs can have embedded and encrypted objects which prevents being analyzed by antivirus scanner. These objects are executed when file is opened by the user.

Multimedia Control – When we say PDF can have embedded objects, it could be a quicktime media or flash file. Attacker can exploit vulnerability in media players.

READ
Java Security Issues – How to Fix

How to Check PDF Virus?

If you ever receive any PDF from any untrusted sources, it is recommended to scan the file before opening it. Email providers like Gmail have inbuilt malware scanner for file attachments. They implement the technology of VirusTotal so you can be assured.

READ
5 Best Online Virus Scanner

You can even scan the file before even downloading using online virus scanners. There is an online tool called PDF Examiner which can analyse PDF files for Javascript obfuscation and other known exploits. It even works for encrypted files.

Lastly once you have file downloaded on computer, make sure you have real time anti-malware protection. It will be your second layer of defense to detect unknown malware and protect if something still goes wrong.

How to Protect from PDF Virus?

1. Disable JavaScript on your PDF reader: If you are using Adobe Reader then Open Adobe Reader and go to “Edit -> Preferences” or simply press “CTRL + K”. From the sidebar, select JavaScript and uncheck “Enable Acrobat JavaScript”.

2. Do not allow PDF reader to execute Non-PDF files using external application.

3. Disable PDF reader from Startup programs of Windows.

4. Keep Macros disabled. Malicious files might persuade you to enable but you should not unless very much necessary.

5. Do not download or open file attachment sent by unknown email sender.

6. Ensure Windows OS, PDF reader program and Antivirus is up to date.

7. Backup regularly and keep it encrypted.

Conclusion

Whether a PDF has a virus or not, it does not solely depend on the file extension. It also depends on the vulnerabilities in the software which will be parsing it. For example, PDF reader that you are using potentially contains a buffer overflow vulnerability, then an attacker can construct a special PDF file to exploit that vulnerability.


​Best Anti-malware

MalwareFox ​Premium


  • ​Removes Malware which Antivirus cannot
  • Protects from ​Ransomware Attacks
  • ​Lightweight​ and Fast ​Detection

Leave a Comment