|9.0||None, but enhanced security is introduced which restricts cross domain communications when enabled.|
|8.1.7 & 9.2||None.|
|8.2 & 9.3||Enhanced security is turned on by default. Enhanced security settings now take precedence over Trust Manager internet access settings.|
For 9.2 and earlier, this feature overrides enhanced security settings for files and folders. With 9.3, enhanced security settings take precedence. For example, with enhanced security enabled, files and folders can be trusted as privileged locations and access will be granted even if Trust Manager is set to “Block all.” Also, cross domain access always requires specifically trusting those domains as a privileged location in the Enhanced Security panel–simply trusting those sites in the Trust Manager will not work.
Internet access panel
To control web site access behavior:
Manage Internet Access dialog
If you choose the custom settings option, the Web Sites panel becomes active and you can enter unique URLs. URLs must begin with www and end with a valid suffix. The Acrobat family of products maintains a white and black list of URLs called the Trust List. Users can specify whether or not URL access is allowed on a global or per-URL basis.
Manage Internet Access dialog
For URLs that aren’t explicitly trusted or blocked (they are not on the white or black list), a warning appears whenever a document tries to access the Internet. When you check Remember my action for this site, the site is added to your URL white or black list.
Blocked URL alert
External connection warning
Multimedia poses a security risk because it could potentially change the document’s appearance or present security holes through multimedia players. There are two types of multimedia, and application behavior varies with each type:
|8.2 & 9.3||
|9.5 & 10.1.2||
Multimedia trust is integrated into the Trust Manager framework and the following changes have been made:
|11.0||The product no longer uses an embedded Flash player. Instead, the product leverages the user’s system player such as the Flash Player plug-in for browsers which use the Netscape plug-in API for FireFox and Safari. It is therefore subject to the browser’s security restrictions and limitations. For example, Flash local connections and
To configure multimedia preferences:
Beginning with 9.5 and 10.1.2, trust for legacy multimedia formats is stored in
cMultiMedia. Prior versions stored information about trusted and untrusted documents for legacy multimedia types in a file called TMDocs.sav.
Configure the Trust Options panel:
Check or uncheck Allow multimedia operations.
Set multimedia player permissions as follows: Select the player in the list and select an option from the Change permission for selected multimedia player to drop-down list:
- Always: The player is used without prompting.
- Never: Prevents the player from being used.
- Prompt: Prompts the user to enable the player when a media clip tries to use that player.
Select one or more of the playback options:
- Allow playback in floating window with no title bars: Opens the media in a separate window without a title bar.
- Allow document to set title text in a floating-playback window: Opens the media in a separate window with a title bar.
- Allow playback in full-screen window: Opens the media in full-screen mode.
Membership on the trusted document list is permanent until the list is manually cleared. Choose Clear to remove all documents from that list.
There are several ways to assign trust so that this feature works in a trusted context:
[HKCU\Software\Adobe\<product name>\<version>\TrustManager\<cTrustedSites or TrustedFolders>\] "cMultiMedia"
Certificate trust settings
Trust is stored in TMDocs.sav. Once a document is trusted, it is added to the Trusted Document list and will always use the preferences set for trusted documents. You can clear this list by selecting Clear in the Multimedia Trust panel.
Membership on the trusted document list is permanent until the list is manually cleared. Therefore, once a document is on that list, changing the certificate trust level to disallowing dynamic content will have no effect.
Multimedia behavior workflow
For 9.3 and 8.2, modal dialogs have been replaced by a Yellow Message Bar. The options button allows users to trust once or always. Choosing Always adds the item to the already existing Trusted Documents list.
For versions 8.2-9.3 to 9.4.7-10.1.1, this feature does not interact with enhanced security and the Trusted Documents list is not the same as the privileged locations list. Trust is stored in a file called TMDocs.sav.
9.3-8.2 & later: Multimedia user trust assignment locked
9.3-8.2 & later: Multimedia user trust assignment not locked
These product versions displayed the dialog below rather than the YMB.
9.2-8.1.7 and earlier: Manage Trust for Multimedia Content dialog
|pre 9.2||External streams can be managed through preferences in the user interface.|
|8.1.7 & 9.2||External streams can be blocked by enabling enhanced security.|
The application can inform you when a PDF file tries to access external content identified as a stream object by flags which are defined in the PDF Reference. For example, an URL might point to an image external to the document. Only PDF developers create PDF files with streams, so you may not need to enable access to external content. This feature interacts with enhanced security as shown below:
|XObject setting||Enhanced Security||Behavior|
|Never||On||No XObject access; proxy displays, if any.|
|Never||Off||No XObject access; proxy displays, if any.|
|Always||On (w/ privileged location set)||XObject displays.|
|Always||Off||No XObject access; proxy displays, if any.|
To configure external content access:
Choose Preferences > Page Display.
Configure the Reference XObjects View Mode panel. Set Show reference XObject targets to:
- Only PDF/X-5 compliant ones
Set the location of referenced files (if any).
9.x products change the default behavior with 9.5.1 because the dynamic nature of 3D provides the potential for it to be subject to security vulnerabilities. Several new changes have been implemented:
3D is disabled by default.
The user interface has a new checkbox at Preferences > 3D and Multimedia > Enable 3D Content.
3D content has been integrated into the Trust Framework so that it’s possible to display 3D content for trusted content even when 3D is disabled. The feature allows you to:
Disable or enable 3D content.
Trust files, folders, and hosts as privileged locations via Preferences > Security (Enhanced) > Privileged Locations panel so that when a PDF with 3D content opens:
- If it is trusted, the 3D content renders.
- If it is not trusted, a Yellow Message Bar appears which says “Some features have been disabled due to potential security risks. Only enable these features if you trust this document.”
- Options button provides the Trust Once and Trust Always options.
Enterprise IT can configure the end user settings via
Enterprise IT can disable and lock 3D rendering so that the user cannot change the setting via
This is a 9.5.1-only change since Protected Mode in 10.x products provides effective mitigation against 3D attack vectors.
Beginning with 9.5.1, Adobe Reader and Acrobat no longer include a Flash Player for displaying Flash in PDF files. Instead, rendering Flash content embedded in a PDF now requires that a Flash Player already resides on the user machine. This new strategy simplifies Acrobat and Reader deployments by reducing the number of future required updates should a security issue arise. Moreover, you can now manage and update Acrobat products and Flash individually.
If you open a PDF that requires Flash, a dialog prompts you to download and install the latest Flash player. To preinstall Flash, go here:
Flash de-coupling is not available in Safari for this release. Otherwise, Acrobat 9.x products require the Flash Player browser plug-in (Safari and Firefox) version 11.2 or higher. Flash Player 11.2 stopped supporting Windows 2000 and Mac OS lower than 10.6. Therefore, users need at least Windows XP and Mac OS 10.6.x to view Flash content in a PDF.
Enterprise IT can control how Flash plays within PDFs by setting the bEnableFlash registry entry (Win) or EnableFlash plist entry (Mac). When set to 0, Flash only plays if the PDF is a trusted privileged location. The paths are as follows:
HKLM\SOFTWARE\Policies\Adobe\[Adobe Reader|Adobe Acrobat]\9.0\FeatureLockDown\bEnableFlash
HKLM\SOFTWARE\Wow6432Node\Adobe\[Adobe Reader|Adobe Acrobat]\9.0\ FeatureLockDown\bEnableFlash
Contents::MacOS::Preferences << FeatureLockdown << /EnableFlash [ /b false ] >>
|bEnableFlash = 0||Flash does not play within PDFs.|
|bEnableFlash = 1||Default. Same as when the key is not present. Play Flash in any PDF file without restriction.|
Note that this change results in two new behaviors:
bEnableFlash= 0, Flash content is rendered as an empty, white box and does not play. A yellow message bar also appears at the top of the document stating that “Some features are disabled to avoid potential security risks.”
bEnableFlash= 1, Flash plays if there is a system player present. If a player is not found, then the user is prompted to download the latest version.