The National Security Agency (NSA) released “Recommendations for Configuring Adobe® Acrobat® Reader® DC in a Windows® Environment” today. The technical report addresses the longstanding issue of cyber actors using malicious PDFs when targeting victim networks. Specifically, it details recommended Adobe Reader configuration settings for systems administrators to help minimize the risk of executable content and other malicious activity in a Windows environment.
NSA recommends administrators implement modern security features for sandboxing and access control – configurations that can be rolled across networks to limit this common access vector at scale. Also included in the report is guidance for those who only need the basic viewing function for PDFs in addition to more complex uses, such as data sharing.
Administrators are encouraged to carefully review this document to select configuration options that will have minimal impact on usability while providing maximum protection for their organizations.