Viruses in pdf files?

In another thread I was asked to post a link supporting a statement of I made. I did so, this one. It’s a pdf file, looks like photos of an old WWII document.

Now the other poster says he won’t open it, that type of file is too dangerous to open.

Are web-based pdfs somehow more or less dangerous than going to any other strange web page?

Boyo Jim

I tried to open that file, & my Netscape crashed. :frowning:

This has happened in the past, & that’s why I don’t keep Adobe on the machine.

I didn’t say it was a virus that gave me problems, just the combo of Adobe, Netscape, & Windows XP. :frowning:

I really do wish I could open that file, but I’ve had so many problems with Adobe, both here & at work, that I hate using it.

I love reading about WW2 aircraft, but I just can’t get Adobe to work right.

Web based PDFs are just click on a link to a PDF and your browser (or rather a browser extension you acquired when you installed Adobe Reader) opens it in the browser window instead of downloading it and dumping it in a folder. (My experience is that it does this rather poorly, BTW).

Apparently there are viruses that can be transported in PDFs - I don’t know how common they are.

Another, almost unrelated, risk is double-extension-named files - the virus arrives as YourBill.PDF.exe but because your OS may be set up to hide extensions of known file types, it appears on your screen as YourBill.PDF and you open it.

In the other thread you said:

How was I to interpret those statements to mean you don’t have Acrobat reader installed? I simply can’t imagine getting along without it, at home or work. I really suggest you take another shot at it, as there are enormous amounts of data not accessible through other means.


It seems that malicious programs can be attached to pdf files, but not in the pdf file itself. These programs do not start automatically; the user can still choose whether to run the program or not.

So, I’d say that this poster’s fear of pdfs is irrational.

FYI, It worked okay for me running XP home with Firefox.

Worked for me.

I just renamed one of my pdf files to …pdf.exe. Acrobat Reader does not recognize it as a pdf file, which means I can only open it after it tells me it it is an unrecognized file type. I can still open it, but I have to tell the computer to use Acrobat to do so.

Maybe though there is a different set of alerts for IE web downloads than used by my Wondows Explorer.

Theoretically an absolutely perfectly written pdf viewer shouldn’t have any problems with viruses or other malware. But no program the size of Acrobat is anywhere close to perfect. Mistakes are made, people discover the mistakes, they find out how to exploit the mistakes. IIRC, there was such a problem discovered in Acrobat about 2 years ago.

That said, pdf is a really, really crappy format that is far from universally supported on various platforms. So I’d just as soon you not send me a pdf file either, thank you very much. I can get along just fine without Acrobat.

(MS Word files can contain truly dangerous things and should never be distributed. Save them as “rtf” files and send those.)

And Boyo Jim, maybe you misunderstood the post you seem to be replying to. An Evil Program with a .pdf.exe extension is not intended to be opened by Acrobat. It’s an .exe, the OS opens it.

Well, I’m certainly not an expert in this, but I thought the post by Mangetout suggested my computer interprets a file named *.pdf.exe as a PDF file. My computer doesn’t – in Windows Explorer it displays an icon indicating the file is executable. If I try to open it through Acrobat reader, it doesn’t even show in the dialog box unless I specify an “all file types” view.

But suppose the file I renamed as executable DID have a virus… would I be at risk trying to open it as an Acrobat file, or would it simply fail? I was under the impression that I would actually have to use a “Run” command, or double-click on the executable icon, before I would have problems. Is this correct?

Yes if it was a virus and you double clicked on it you’d be in trouble. The problem arises because you also should be able to view a true pdf file by double clicking on it. If you have the extension .pdf associated with Adobe Acrobat, when you double click on a .pdf file, Adobe Acrobat will start and the file will open. However if it’s really a virus.pdf.exe file and your OS has been set to suppress showing the .exe extension, when you double click on the virus file expecting to have Acrobat open – bingo you’ve got the virus.

I see that, but my OS does not seem to be misleading me about the file type. It gives me an exectucable icon, rather than an Acrobat icon, even if my extensions are suppressed, so at least I have some alert that it ISN’T an acrobat file.

Perhaps my question wasn’t clear. If I try to open such a file from within Acrobat, can it hurt me?

Actually, on thinking about it, there could be something to the ‘never open PDFs online’ thing - it could be that the browser plugin has vulnerabilities that aren’t present in the full-blown reader. I don’t know if this actually is the case, though.

I seem to have thrown a spanner in the works with my comment about double extension names; what I was talking about was not renamed files but email attachments that fool the recipient into opening them because they appear to be benign (such as .txt), when in fact they are executable files and Windows just happens to be hiding the real extension because .exe is a known file type (it does this by default in most installations of Windows).

There’s a free alternative to Adobe, gsview. It can also open postcript files, and works well on Windows.

Adobe’s a real bitch to open in a browser. Because I can never wait for them to be fully downloaded and I always click everywhere and they always lock up. So I just always download them first, then open them just with adobe, no browser. No problems.

A. The OS first looks into the file header for an icon to display. If there isn’t one, then the OS displays a default one. So if the virus writer put the pdf icon into the header, it would look like a pdf file to you.

Absolutely, positively never gauge the possible type of a file based on its icon. The icon can be quite misleading. Look only at the full file name.

Note that thanks to MS not “anticipating” security issues, the defaults in its OSes are basically the worst possible settings.

B. “such a file”? If you mean a real pdf file, that’s the OP. If you mean an executable, then Acrobat will just give you an error.

The issue Mangetout brought up, of an executable pretending to be a pdf file, has nothing to do with Acrobat running. You don’t even need a pdf viewer on your machine to get a virus that way.