Contents x
Risky Content Types
    • PDF
    Contents

    Risky Content Types

      • PDF
      Article Summary

      Glasswall CDR can identify various types of risky content and remove them from your files.

      You're able to set preferences for the following risky content depending on your file type:

      Risky content typeRisk LevelDescription
      AcroformHigh RiskAn AcroForm is a PDF that contains form fields ('Acrobat Form'). In addition to looking like a form, it may also contain active code (e.g. JavaScript) that could be malicious. AcroForms can also be used to hide objects inside other objects.
      ConnectionsHigh RiskThe Excel connections feature controls connections to external data sources. This may present a risk if the external data source is compromised with malware or lead to SQL injection attacks, where the external data source is an SQL database.
      Digital SignaturesLow RiskThe source document may have been signed with a digital signature. While the signing may not represent a threat, if the ownership and trust of the certificate chain has been compromised, it could trick a user into viewing a document containing something malicious.
      DDEHigh RiskDynamic Data Exchange (DDE) allows data to be shared between applications in some old versions of Windows. DDE within a Microsoft document presents risk, as it may be used to execute malicious code on the recipient's computer.
      Embedded FilesHigh RiskEmbedded objects are files, items, or entities that have been added into a different program or object (for instance, a gif in a Word document). Embedded objects within files may present risk if they provide a way for active code to be triggered or hide data within a document.
      Embedded ImagesMedium RiskEmbedded images are pictures where data has been incorporated into the file. They may present risk if they provide a way for malicious content to be hidden inside the image.
      External HyperlinksMedium RiskExternal hyperlinks redirect you to open something outside the file. A hyperlink may seem innocent, but it could route to a different destination than the link that’s displayed. Caution is advised when clicking links in documents.
      Foreign ObjectsMedium RiskForeign objects may include items like HTML code, images, or other media types. They allow the author to include elements from other file formats or programming languages within the file that could be malicious.​
      GeoTIFFMedium RiskGeoTIFF is an extension to the TIFF file format and can include metadata that describes the coordinate system, projection, and other spatial properties of an image that the owner may not intend to disclose.
      Internal HyperlinksMedium RiskInternal hyperlinks route you to a different place within a file. An internal hyperlink may seem innocent, but it could route you to a different destination than the link that’s displayed. Caution is advised when clicking links in documents.
      JavascriptHigh RiskJavaScript is a form of active code that may be benign in nature, but all too often is used by bad actors to mount an attack against the user or receiving system in a business document.
      MacrosHigh RiskMacros are sequences of events (including keystrokes or clicks) that can be automated. Macros may seem benign in nature, but all too often are used by bad actors to mount an attack against the user or receiving system in a business document.
      MetadataMedium RiskMetadata is data about other data. Metadata may reveal information the owner may not intend to disclose, such as what computer was used to create the document or the original author's name.
      PDF ActionsHigh RiskPDF actions are built-in functionality in PDF documents. PDFs could include buttons that execute JavaScript or links to untrustworthy external resources. This means they could be used to launch a phishing attack, download malware, or steal sensitive information.
      Review CommentsMedium RiskReview comments are comments that have been added to Microsoft files. They may reveal information the owner may not intend to disclose, such as tracked changes or the original author's name.
      ScriptsHigh RiskA script is a form of active code that may be benign in nature, but all too often is used by bad actors to mount an attack against the user or receiving system in a business document.



      For more information please contact us.

      Was this article helpful?
      What's Next