Editing PDF (section)

== Security==
{{See also|Adobe Acrobat#Security}}

===Changes to content===
In November 2019, researchers from [[Ruhr University Bochum]] and Hackmanit GmbH published attacks on digitally signed PDFs.<ref>{{cite book |url=https://dl.acm.org/doi/10.1145/3319535.3339812 |series=CCS '19 |date=November 6, 2019 |pages=1–14 |publisher=ACM Digital Library, ACM SIGSAC Conference on Computer and Communications Security |doi=10.1145/3319535.3339812 |isbn=9781450367479 |s2cid=199367545 |url-access=subscription |access-date=April 6, 2021 |archive-date=April 26, 2021 |archive-url=https://web.archive.org/web/20210426223722/https://dl.acm.org/doi/10.1145/3319535.3339812 |url-status=live |chapter=1 Trillion Dollar Refund: How to Spoof PDF Signatures |title=Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security |last1=Mladenov |first1=Vladislav |last2=Mainka |first2=Christian |last3=Meyer Zu Selhausen |first3=Karsten |last4=Grothe |first4=Martin |last5=Schwenk |first5=Jörg }}</ref> They showed how to change the visible content in a signed PDF without invalidating the signature in 21 of 22 desktop PDF viewers and 6 of 8 online validation services by abusing implementation flaws.
At the same conference, they additionally showed how to exfiltrate the plaintext of encrypted content in PDFs.<ref>{{cite book |url=https://dl.acm.org/doi/10.1145/3319535.3354214 |series=CCS '19 |date=November 6, 2019 |pages=15–29 |publisher=ACM Digital Library, ACM SIGSAC Conference on Computer and Communications Security |doi=10.1145/3319535.3354214 |isbn=9781450367479 |s2cid=207959243 |url-access=subscription |access-date=April 6, 2021 |archive-date=April 26, 2021 |archive-url=https://web.archive.org/web/20210426223415/https://dl.acm.org/doi/10.1145/3319535.3354214 |url-status=live |chapter=Practical Decryption exFiltration: Breaking PDF Encryption |title=Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security |last1=Müller |first1=Jens |last2=Ising |first2=Fabian |last3=Mladenov |first3=Vladislav |last4=Mainka |first4=Christian |last5=Schinzel |first5=Sebastian |last6=Schwenk |first6=Jörg }}</ref> In 2021, they showed new so-called ''shadow attacks'' on PDFs that abuse the flexibility of features provided in the specification.<ref>{{cite web |url=https://www.ndss-symposium.org/ndss-paper/shadow-attacks-hiding-and-replacing-content-in-signed-pdfs/ |title=Shadow Attacks: Hiding and Replacing Content in Signed PDFs |publisher=Internet Society, The Network and Distributed System Security Symposium |access-date=April 6, 2021 |archive-date=April 21, 2021 |archive-url=https://web.archive.org/web/20210421094100/https://www.ndss-symposium.org/ndss-paper/shadow-attacks-hiding-and-replacing-content-in-signed-pdfs/ |url-status=live }}</ref> An overview of security issues in PDFs regarding [[denial of service]], [[Data breach|information disclosure]], [[data manipulation]], and [[arbitrary code execution]] attacks was presented by Jens Müller.<ref>{{cite web |url=https://www.ndss-symposium.org/ndss-paper/processing-dangerous-paths-on-security-and-privacy-of-the-portable-document-format/ |title=Processing Dangerous Paths – On Security and Privacy of the Portable Document Format |publisher=Internet Society, The Network and Distributed System Security Symposium |access-date=April 6, 2021 |archive-date=April 21, 2021 |archive-url=https://web.archive.org/web/20210421094018/https://www.ndss-symposium.org/ndss-paper/processing-dangerous-paths-on-security-and-privacy-of-the-portable-document-format/ |url-status=live }}</ref><ref>{{cite web |url=https://www.blackhat.com/us-20/briefings/schedule/#portable-document-flaws--20387 |title=Portable Document Flaws 101 |publisher=Blackhat |access-date=April 6, 2021 |archive-date=April 9, 2021 |archive-url=https://web.archive.org/web/20210409131634/https://www.blackhat.com/us-20/briefings/schedule/#portable-document-flaws--20387 |url-status=live }}</ref>

===Malware vulnerability===
PDF files can be infected with viruses, Trojans, and other malware. They can have hidden JavaScript code that might exploit vulnerabilities in a PDF, hidden objects executed when the file that hides them is opened, and, less commonly, a malicious PDF can launch malware.<ref>{{cite web | title=Can PDFs have viruses? Keep your files safe | publisher=Adobe | url=https://www.adobe.com/acrobat/resources/can-pdfs-contain-viruses.html | access-date=3 October 2023 | archive-date=October 4, 2023 | archive-url=https://web.archive.org/web/20231004120143/https://www.adobe.com/acrobat/resources/can-pdfs-contain-viruses.html | url-status=live }}</ref>

PDF attachments carrying viruses were first discovered in 2001. The virus, named ''OUTLOOK.PDFWorm'' or ''Peachy'', uses [[Microsoft Outlook]] to send itself as an attached Adobe PDF file. It was activated with Adobe Acrobat, but not with Acrobat Reader.<ref>Adobe Forums, [https://forums.adobe.com/thread/302989 Announcement: PDF Attachment Virus "Peachy"] {{Webarchive|url=https://web.archive.org/web/20150904151955/https://forums.adobe.com/thread/302989 |date=September 4, 2015 }}, August 15, 2001.</ref>

From time to time, new vulnerabilities are discovered in various versions of Adobe Reader,<ref>{{cite web|url=https://helpx.adobe.com/security.html#readerwin|title=Security bulletins and advisories|publisher=Adobe Systems Inc.|access-date=January 12, 2023|date=January 10, 2023|archive-date=April 6, 2010|archive-url=https://web.archive.org/web/20100406041941/http://www.adobe.com/support/security/#readerwin|url-status=live}}</ref> prompting the company to issue security fixes. Other PDF readers are also susceptible. One aggravating factor is that a PDF reader can be configured to start automatically if a web page has an embedded PDF file, providing a vector for attack. If a malicious web page contains an infected PDF file that takes advantage of a vulnerability in the PDF reader, the system may be compromised even if the browser is secure. Some of these vulnerabilities are a result of the PDF standard allowing PDF documents to be scripted with JavaScript. Disabling JavaScript execution in the PDF reader can help mitigate such future exploits, although it does not protect against exploits in other parts of the PDF viewing software. Security experts say that JavaScript is not essential for a PDF reader and that the security benefit that comes from disabling JavaScript outweighs any compatibility issues caused.<ref>{{Cite web|url=http://www.grc.com/sn/sn-187.txt|title=Steve Gibson – SecurityNow Podcast|date=March 12, 2009|first1=Steve|last1=Gibson|first2=Leo|last2=Laporte|access-date=January 11, 2011|archive-date=May 8, 2020|archive-url=https://web.archive.org/web/20200508100301/https://www.grc.com/sn/sn-187.txt|url-status=live}}</ref> One way of avoiding PDF file exploits is to have a local or web service convert files to another format before viewing.

On March 30, 2010, security researcher Didier Stevens reported an Adobe Reader and Foxit Reader exploit that runs a malicious executable if the user allows it to launch when asked.<ref>{{cite web|url=http://blogs.pcmag.com/securitywatch/2010/03/malicious_pdfs_execute_code_wi.php|title=Malicious PDFs Execute Code Without a Vulnerability|work=PCMAG|url-status=dead|archive-url=https://web.archive.org/web/20100404034752/http://blogs.pcmag.com/securitywatch/2010/03/malicious_pdfs_execute_code_wi.php|archive-date=April 4, 2010}}</ref>