User:Usama4745/sandbox

Portable Document Format security is concerned with the protection of information and property from theft, corruption, and attack. Its main purpose it to make sure information is productive and accessible to its intended users.

History
From its early stages of development in the 1990s, PDF started including security features. Over the years, several threats have been clearly identified including the following:

attack technique.
 * In 2000, a conceptual weakness was identified with the ability of Adobe reader to run malicious scripts related to a particular link. This attack used the XSS (Cross Site Scripting)


 * In 2001, Outlook PDFWorm (Trend Micro, 2000) was identified and spread through PDF documents as Microsoft Outlook email attachments. It appeared as a game running a malicious code imbedded in the document.


 * In 2003, the W32 Yourde virus that exploited a vulnerability in Acrobat 5.0.5 was discovered . A corrupted PDF document exploited a vulnerability in the JavaScript parsing engine to lead Acrobat into using plug-ins folders.


 * Early PDF document security relied on a weak 40 bit encryption with methods to crack it readily available online. As a result, Adobe added a 128 bit encryption in May 2006 for better protection. Later in december 2006, another critical XSS attack through PDF documents was discovered.


 * On March 30, 2010, an Adobe Reader and Foxit Reader exploit that runs a malicious executable is identified.

Risks and vulnerabilities
Adobe Reader and Acrobat products are supported by a large and complex code including several proprietary extensions. This apparent flexibility translates into a broad attack surface that is difficult for Adobe and anti-malware vendors to defend. For example, most PDF related tools allow their users to copy or print without paying attention to password or protection. Vulnerabilities are quite common in Adobe Reader's long history with Adobe Systems providing appropriate solutions.

Most PDF security concerns arise around the use of the full version of Adobe Acrobat whereas PDF documents are only the object of security analysis that is restricted to attacks and vulnerabilities.

Like HTML files, PDF files are also vulnerable. Here, vulnerability of a PDF document means its susceptibility to flaw, attackers access to the flaw, and their capability to exploit the flaw. Later, Adobe introduced a function that allows the original author to audit file usage. However, the use of restrictions that a document author places on a PDF document is not secure, and cannot be assured once the file is distributed.

Exploits
The PDF standard allowing related documents to be imbedded with JavaScript is indeed a vulnerability that can be prevented by disabling the script execution and inhibit such exploits. This action is far more helpful than any support from compatibility.

Around 2013, FireEye, a cybersecurity company, discovered that attackers use a remote code execution exploit called Zero-day exploit that bypasses the sandbox anti-exploitation and works against the Adobe Reader 9, 10 and 11.

As an example effort to reduce exploitation, Adobe Systems has implemented auto-update features, developed the Adobe Reader protected mode, a secure sandbox for displaying PDF documents and restricting external malware calls. In addition, Return-oriented programming (ROP) and stolen digital certificates have played significant roles in recent exploits.

Updating Adobe Reader or Acrobat to the latest version, enabling auto-update, disabling Javascript or simply considering alternative PDF readers.Finally, educating users about the risks of attacks from PDF documents.

Solutions
Over time, Adobe Systems has provided solutions to deal with new vulnerabilities as soon as they were discovered in various versions of Adobe Reader. For example, the company publishes security bulletins in their Security bulletins and advisories page.

Robust means of information rights management like Adobe LiveCycle Rights Management and Locklizard PDF DRM are some of the commercial solutions offered on the market. They restrict document access and also reliably enforce permissions better than standard security handlers.

DRM
PDF documents are also subject to the application of digital rights management (DRM) technology. The purpose of DRM is to prevent the unauthorized use and control access to corporate documents, limit copying, editing and printing. The application of Enterprise digital rights management technology to control access to corporate documents in PDF format is also quite common. This technology also known as IRM (Information Rights Management), integrates with content management system software and is generally intended to prevent the unauthorized use of private and confidential documents.

Encryption
PDFs may be encrypted so that a password is needed to view or edit the contents. The PDF Reference defines both 40-bit and 128-bit encryption, both making use of a complex system of RC4 and MD5. The PDF Reference also defines ways that third parties can define their own encryption systems for PDF. The PDF Reference has technical details for an end-user overview.

Watermarking and others
Adobe Systems recommends that any PDF application concerned with security, implements a combination of application sandboxing, data execution protection including non-executable memory, address space layout randomization, and stack cookies as defense mechanism. Watermarking is often used for enforcing copyright on PDF files and help provide evidence in legal situations rather than as a restriction. A standard pdf watermark works well for PDF distribution because its of its consistent appearance.

A number of applications (ex. Google Chrome) provides secure internal viewing that protects content against malicious exploit. This technique is called sandboxing.