Remove Javascript From PDF Readers for Better Security


pdf-logo

Portable Document Format – What is it?

This may seem like an obvious question but it is possible that someone out there isn’t sure what a Portable Document Format (PDF) file is.

The Adobe Acrobat Product line and the PDF file date back to the early 1990’s. In the past two decades the PDF has become the de facto standard for the exchange of electronic documents.

Many times when downloading a document from the internet you will receive a message saying that you will need Adobe Acrobat Reader to access the PDF file. Most likely, they will also kindly provide a link for you to download that program as well.

The truth of the matter is that you don’t have to use the Acrobat Reader; in fact, I advise against it. My reasons are numerous but the main one is that once installed, it is nearly impossible to be rid of it. Acrobat spreads its many tentacles throughout your computer. Even after an uninstall, remnants of it remain all over your system. I don’t like that. When I uninstall a program, I want it to be gone.

Other reasons for angst: The free version is crippled. There is no portable version I am aware of. It costs a whopping $199 (US) to get the full version. The list goes on…

There are many free alternatives that, in some cases, work better and offer more features than Acrobat Reader. Some are even Portable which means they don’t require any installation at all.


Why Javascript? Why disable it?

“JavaScript is particularly useful for XML forms. JavaScript enables automated forms handling, Web and database communication, commenting, and user-interface capabilities.” ~ Adobe

Although Javascript makes it easy to manage forms in PDF files, it is yet another doorway for the Bad Guys to infiltrate your computer. For that reason I am recommending you disable Javascript in your PDF reader of choice. If you don’t need it, lose it.

Some Popular Alternative PDF Readers

When I do a search for “free pdf readers” on the internet I get an astounding 37 million+ results. I won’t be talking about them all today. Sorry.

I’m going to tell you how to disable Javascript in three of them. I’m sure that if your favorite reader is not on this short list, and your PDF Reader supports it, you will be able to find a menu item somewhere that will give you options similar to the ones I’m about to discuss.

I’ll begin with the one I don’t use.

acrobat-reader-logo

Adobe Acrobat Reader

  1. Under the Edit Menu, choose Preferences
  2. Click Javascript
  3. In the window that opens, uncheck Enable Acrobat Javascript
  4. Click OK and you’re done

Since I provided links to the following PDF Readers, I thought it would only be fair to offer a link here as well. This will take you to a fun video I saw the other day: How to get your dog’s attention


foxit-reader-logo

 

FoxIt Reader

  1. Under the File Menu, choose Preferences
  2. Select Trust Manager
  3. In the window that opens, uncheck Enable Javascript Actions
  4. Click OK and you’re done

FoxIt PDF Reader comes in both 32-bit and 64-bit versions. A Portable version can be found as well. If you would like to read a little about FoxIt PDF Reader, you may do so at this FoxIt Page.

pdf-xchange-logo

 

PDF XChange Viewer

  1. Under the Edit Menu, choose Preferences
  2. Select Javascript
  3. In the window that opens, uncheck Enable Javascript Actions
  4. Click OK and you’re done

This PDF Reader is the one I use. It comes in 32-bit and 64-bit flavors, and a Portable Version can also be found at the Tracker Software Site.

Conclusions

The PDF is everywhere. You may receive them attached to your eMail. You will certainly see them on the many web sites you visit. Hardware and software manuals abound—all using the PDF.

The very fact that we see them every day can make us stop thinking about them. I can assure you the Bad Guys don’t stop thinking. Javascript allows a malicious person to inject malware into your computer when you open the file.

Even if the eMail attachment is from a trusted friend, he/she may be oblivious to the fact that he/she not only just infected his/her computer but is about to do the same to yours.

Always close any security holes that you are aware of. In this case, it’s a simple matter of making a small change to a very useful program.

Richard

Posted in:
About the Author

Richard Pedersen

Richard received his first computer, a C-64, in 1982 as a gift and began dabbling in BASIC. He was hooked! His love for computing has led him from the old “XT” boxes to the more modern fare and from clunky 10MB hard drives to smooth and fast modern day SSD drives. He has run BBS services, Fido mail, and even operated his own computer repair business.

There are 4 comments

Comments are closed.