Adobe PDF Plugin Security

Adobe PDF Security Plugins & Plug-in Vulnerabilities

PDF Plug-in Vulnerabilities & Acrobat Reader Security

Plug-ins are dangerous. If you are relying on plug-ins for your PDF security you might want to be aware that they may not have all the security that some manufacturers like to claim.

“Because of the plug-in architecture of Acrobat and PDF readers, it makes PDF a less-secure platform for DRM” – ElcomSoft CEO Vladimir Katalov.

While PDF security plugins may seem convienient, they require Admin rights to install (so offer no additional installation benefits) and can put your protected PDF documents at risk.

Free 15 Day Trial

Protect PDF files – Stop misuse

Stop unauthorized access and sharing
Control use – stop printing, copying, editing, etc.
Lock use to devices, countries, locations
Control expiry, revoke files at any time
No insecure plugins or passwords

Plugins can be overruled
A plugin from one manufacturer can stop a plugin from another manufacturer from:
- not working correctly
- not working at all
- changing what controls it enforces
Plugins can be easily broken
Plugins may suddenly stop working when there is:
- an update to the application it plugs into
- an update to another plugin within the application
And if you think about all the different Operating Systems and versions of Adobe Acrobat that have to be supported (a plugin may work in one version but not another) you can see how the situation quickly gets out of control.
Anyone can write a plugin for Acrobat
- Anyone can write a plug-in for Adobe Acrobat Standard or Professional without obtaining an IKLA.
- If a company has an IKLA with Adobe Systems, it does not mean that their product is certified as fit for purpose, is secure, or will not create weaknesses in the system.
- Plugin writers can forge signatures so that their plug-ins run in certified mode where they are given special privileges which can harm the system.
Plugins need Admin rights to install
Companies selling plugin solutions will claim they are easier for users to install. This is not true.
- They require the same Administrator rights as installing any other software.
- They are often more complex to install since they can clash with other plugins already installed – this can cause them to fail to install, or install incorrectly (i.e. they won’t work at all or as expected).
And unlike application software they can create a gateway for other applications or malware to enter, decreasing the overall security of the application they are plugged in to.

Adobe Plug-ins and Security issues

Adobe PDF plugins

In the PDF world it is commonplace to use plug-ins to provide extra functionality and features. But they are known to also create security holes. The highly respected CERT organization reported the following in respect of the Adobe system:

http://www.kb.cert.org/vuls/id/JSHA-5PAMS7

However, it is openly admitted that ‘legitimate’ plug-ins may compromize the security of a system. We reproduce some of the text published in the CERT report:

“Developers can freely write plug-ins for Adobe Acrobat. An Adobe Reader plugin requires a license agreement and an enabling key from Adobe as part of the Adobe Reader Integration Key License Agreement (IKLA). The purpose of the Reader enabling plugin architecture and IKLA is for licensing only and does not imply suitability or endorsement by Adobe of third party plug-ins. The Certified Mode of both Adobe Acrobat and Adobe Reader is used to provide added assurances that only plug-ins provided by Adobe are compatible. All third party plug-ins are restricted to non-certified mode.”

And

“Be careful not to install untrusted software, including non-certified Adobe plug-ins (those not signed and deployed by Adobe), unless absolutely certain of the origin and integrity of such software. Unverified non-certified plug-ins can be removed from the plug-ins directory, and they will no longer load at startup.”

So what does this all mean?

A company may have an IKLA with Adobe Systems, but that does not mean that their product is certified as fit for purpose and is not vulnerable to weaknesses in the system or does not create weaknesses in the system.
If you examine the licensing system in force at the date if this article, anyone can write a plug-in for Adobe Acrobat Standard or Professional without obtaining an IKLA. That means any third party can write a perfectly valid and appropriate plug-in that extracts text from an open PDF document without it having been deliberately designed to break any security systems. Unfortunately, by it’s very nature it does just that. There are many legitimate plug-ins on the market today that have this capability which are not hacking tools and were not developed for that purpose.

We respect the advice given by CERT, but note that if an attacker permits the loading of unverified non-certified plug-ins (which happens by default in all versions of Adobe unless you specifically check a box to say otherwise) they may introduce vulnerabilities. Of course, one must assume that this is precisely what any attacker would therefore do.

Normal users familiar with their desktop plug-ins can hardly be criticized for using non-certified plug-ins when you can hardly expect them to understand any of these arcane technical issues, still less comply with them.

Adobe PDF plugins and certified mode “protection”

There are many Adobe Acrobat and Adobe Reader plug-ins that can load (by design) only in certified mode. One example is all documents protected with “Adobe DRM” security handler (so-called eBooks). Certified mode assures that all other plug-ins, loaded with those ones, have been also certified by Adobe. However, with this vulnerability, a plug-in with forged signature can perform virtually everything, including but not limited to:

removing or modifying any restrictions (from copying text to Clipboard, printing etc) from the documents loaded into Adobe Acrobat or Adobe Reader
remove any DRM (Digital Rights Management) schemes from PDF documents, regardless the encryption handler used – WebBuy, InterTrust DocBox, Adobe DRM (EBX) etc.
modify or remove digital signatures used within a PDF document
affect any/all other aspects of a document’s confidentiality, integrity and authenticity.

Still think plug-ins are safe?

Don’t just take our word for it, if you think plug-ins can’t compromise your security then read what Byran Guignard, an Adobe Certified expert, has to say.

The following white paper, Plug-ins – a source of insecurity, examines and questions the claims often made by plug-in suppliers that they are secure, giving published examples of where they are not. It demonstrates why you should not purchase a document security solution that relies on plugins.

Why Locklizard for PDF Protection?

Locklizard PDF Security – Total PDF DRM Security without Plugins or Passwords

Locklizard security cannot be compromised by plug-ins because we prevent all plug-ins from being loaded so that no vulnerabilities can be introduced.

Locklizard takes your document protection seriously. We provide total PDF protection with US Gov strength AES 256 bit encryption, public key technology, DRM and licensing controls, to ensure your PDF files remain protected no matter where they reside.

Our DRM PDF Security products enable you to share documents securely without insecure passwords or plug-ins, and enforce access, location, expiry, and usage controls.
Unlike Adobe Permissions which can be easily removed, our DRM controls persistently protect your PDF files and enable you to revoke PDFs at any time regardless of where they are.
No keys are exposed to users or interfaces and documents are only ever decrypted in memory – see our DRM technology.
Our easy to use adminsitration system provides simple user and document management and unlike passwords, keys are transparently and securely managed for you.

See our customer testimonials or read our case studies to see why thousands of organizations use Locklizard PDF security to securely share and sell their documents.

DRM SECURITY ITEMS

	PDF Security Issues
	Plugin & API Security
	PDF Plugins & DRM
	Flash Security Issues
	Our DRM Technology

“Locklizard is the clear leader in the field for content protection. The ease of use by customers and the effectiveness of their PDF DRM product is definitely the best.”

Customer Testimonials