In the good old days users dissatisfied with the Adobe Reader merely complained about its size and how slow it was to startup. Now there are other considerations too.
For one thing, the Adobe Reader is very popular which paints a proverbial target on its back. Bad guys get the most bang for the buck by targeting software used by many people. Since competing PDF readers are used by far fewer people, the bad guys won't, as a rule, bother finding and/or exploiting bugs in those programs. If for no other reason than this, using an alternate PDF viewer is the Defensive Computing thing to do.
Since the Adobe Reader is a huge program, it's more likely to contain bugs than smaller programs. I have no opinion on whether the Adobe Reader is more or less buggy than programs of comparable size, but any large application has a larger attack surface than a small application.
If you need the many features implemented by the large code base, so be it. But, if you can live with fewer features, a smaller program, as a rule, will be safer.
Starting with version 9, Adobe opted to include Flash in the Adobe Reader. The problem with this, to me, is that when patches are issued to Flash, there is a delay in applying them to the copy of Flash embedded in the Adobe Reader. And, the embedded copy of Flash is somewhat invisible, in that it doesn't show up in the list of installed Windows applications. Running buggy software that you can't see is not good Defensive Computing.
Speaking of bugs, Adobe thinks they should release bug fixes on a set schedule. At one point in time, their schedule was monthly. It has also been quarterly. In this day and age, bug fixes need to be released when they are ready. Sometimes Adobe deviates from their schedule, but just having a schedule is poor Defensive Computing.
To be as safe as possible, anyone running the Adobe Reader needs to remember to make two (Edit -> Preferences) configuration changes:
- Turn off the option to "allow opening of non-PDF file attachments with external applications" in the Trust Manager
I've lost track of the default values for these two settings (which may change at any time anyway) but regardless of the current default, these settings should be verified periodically.
Another annoyance comes into play when upgrading the Adobe Reader. It often (always?) requires Windows to be re-booted. What's up with that? Millions of Windows programs can update themselves without requiring the system to restart itself.
From a Defensive Computing perspective, I don't want applications making the types of changes to the operating system that necessitate a reboot. Not only is the reboot inconvenient, mucking around in the OS is an accident waiting to happen. Heck, I prefer portable applications specifically because they go out of their way to avoid impacting the system.
One change the Adobe Reader makes to the system is adding new programs that run automatically at startup time. This too, is poor Defensive Computing. I don't want anything to happen at system startup that doesn't absolutely have to happen. That is, I never want a problem with the Adobe Reader to get in the way of the computer booting up. One thing is important, one thing is not.
To that end, I've long been in the habit of disabling the Adobe Reader Speed Launcher (Reader_sl.exe). It's a knee jerk reaction for me at this point: update the Adobe Reader -> turn off the Speed Launcher.
Now, it's even worse. Recent versions of the Adobe Reader starting adding a second program to the list of auto-started applications, Adobe ARM (AdobeARM.exe).
So what's the safest PDF reader?
To me, it's the portable version of Sumatra.
Being portable, it makes no changes to the Operating System. It is also small and relatively feature-free. That is, there is less code and fewer features, making it safer by definition. The fact that you probably never heard of it, means few people use it, making it extremely unlikely that bad guys will target any bugs it may have.
If anyone sends you a PDF document, you are orders of magnitude safer opening it with the portable version of Sumatra.
Defensive Computing however, isn't everything. My main machine is configured to use Foxit by default, but the Adobe Reader is also installed. A couple times there were things that Foxit couldn't do, or do well, that were well handled by the Adobe Reader. If you need it you need it.
Why gripe about this now? When I updated the Adobe Reader today, I encountered yet another problem. More on that next time.