Site search is available on home page

Securing Adobe Reader

By , Last modified: 2015-03-02.

How to enhance Adobe Reader security in Windows XP, Vista, 7, 8 and 8.1

Adobe Reader (also known as Acrobat Reader) is a free viewer for PDF (portable document format) files. It has been plagued by viruses and other malware for several years now; mainly because its numerous security bugs have enabled loading malicious documents on web pages without user consent. In October, 2012, Adobe released Reader XI (version 11) that includes enhanced sandboxing (running the program in protected mode, so that malicious scripts and programs can not alter other contents on user's computer while reading the PDF file).

There are some simple steps to stop Adobe Reader from being misused.

The very first step is to verify that Reader is up-to-date. See the Browser and Plug-in Check for this. If necessary, download the latest version from Adobe's web page. This ensures that you will get two very important features in the program - protected mode and automatic updates.
To keep Adobe Reader and many other important programs updated automatically, you can also use the free program called Secunia PSI.

Open Adobe Reader's preferences by using keyboard shortcut Ctrl+K or by opening Edit menu and clicking Preferences...:
Adobe Reader - to change settings, open Edit menu and click Preferences.

For Adobe Reader XI, open the JavaScript tab on the left. Then clear the Enable JavaScript check box. This is enabled by default in Adobe Reader 11.
This makes sure that malicious or hijacked web pages are not able to misuse JavaScript language for infecting or taking over your computer.
Adobe Reader, Preferences, JavaScript tab. Make sure that the 'Enable Acrobat JavaScript' box is not checked.

Now open the Security (Enhanced) tab.
First, put a check mark in the Enable Protected Mode at startup box in the Sandbox Protections section. Then select Files from potentially unsafe locations for Protected View. This keeps Adobe Reader from opening files that might be harmful. Most secure (but not very convenient) option is All files.
Finally, ensure that there is a tick mark in the Enable Enhanced Security check box.
Adobe Reader, Preferences, Security (Enhanced) tab. Make sure that the 'Enable Protected Mode at startup' option is enabled. Then select 'Files from potentially unsafe locations' option. Finally, turn on the 'Enable Enhanced Security' check box.

Click the Trust Manager tab on the left. Clear the Allow opening of non-PDF file attachments with external applications box. This is a very important step as several botnets are using PDF files for opening unpatched programs and infecting victim's computers with trojans that steal personal information such as login names and passwords.
Then check the Load trusted root certificates from an Adobe server box. This will keep information about certificate authorities up-to-date and prevent opening files signed with fake or stolen security certificates.Adobe Reader, Preferences, Trust Manager tab. Make sure you clear the 'Allow opening of non-PDF file attachments with external applications' box.

And finally, open the Updater tab. If you do not have this tab, your Adobe Reader is not the latest version - close Preferences window by clicking OK, then open Help menu and click Check for updates (or just download and install the latest version from

To change options on this tab you need administrative rights on your Windows computer!

Click to select the Automatically install updates option. This will ensure that you are always using the latest, fully patched version of Adobe Reader.
Adobe Reader, Preferences, Updater tab. Make sure you select the 'Automatically install updates' option.

You might see the red Adobe Updater icon in Taskbar's Notification Area in the future while Adobe Reader updates are being downloaded and installed. Always let the process finish, its work; you can safely continue doing your work.

Click OK to close Preferences window.

To add an extra protection layer from even unpatched security bugs, please read our Microsoft EMET article!

And that's it - your Adobe Reader is now more secure! Cool



Sub Navigation

Sub Navigation
Next: Securing Java
Previous: Securing Adobe Flash Player
comments powered by Disqus