Autocad PDF Drivers has a PDF Exploit causing email servers to flag as SPAM

I am having the same issues with one of my clients, as well.  When I use the DWG to PDF.pc3 plot files and plot a single sheet at a time (one sheet into one file), I have no issues (High Quality, Smallest File, Web and Mobile etc).  It is when I try and publish the PDF sheets into one file, that they get the PDF.Exploit 2018 flag.  

I just contacted my reseller, and this is the first he has heard of it.  He is contacting Autodesk, but since it is not a critical issue, he said it may take them a week or two to address.  As I stated before, single sheet PDF files do not create an issue.  It seems to be localized to the publishing application only (multiple sheets within a single file).  I am having to publish and then reprint using google docs within my google drive account.  This seems to remove any flags to the "PDF-exploit" status.  The only other work-around would be to print each individual sheet, and use a PDF program to combine the files together into one PDF file.   I hope this is addressed sooner than later, as it is a time-consuming process.

Thanks Todd.  I think Glenn's solution provided previously offers the easiest solution, especially when it comes to generating PDF files that include multiple sheets.  This way you can let autocad generate the flawed multi-sheet file, then reprint the same file again using your alternate PDF software product to eliminate the issue. 

Thanks.  That is what I am having to do.  I was making the suggestion that there may be some products out there that combine multiple files into one file, as an option.  When I print out the single sheets, there is no issue with the file...only on multi-sheet files.

---

@gusk wrote:

Thanks Todd.  I think Glenn's solution provided previously offers the easiest solution, especially when it comes to generating PDF files that include multiple sheets.  This way you can let autocad generate the flawed multi-sheet file, then reprint the same file again using your alternate PDF software product to eliminate the issue. 

---

I agree with you.  I just did a test, 1) reprinting the published file, and 2) printing each individual sheet and then merging in google drive.  The reprinted file was 75% the size of the merged file.  I will reprint until Autodesk or MS can come up with a solution.  Thank you for the suggestion.

I personally printed single sheets using all PDF options (High Res, Mobile and Web etc), and had no issues with them.  When I selected more than one sheet and chose Publish, with any of the aforementioned PDF options, it showed up as having a virus.

 

Todd 

@john.vellek wrote:

Hi @gusk,

 

Thanks for bringing this issue to my attention.  We are actively investigating this issue and I hope that I can offer some more details quickly.

 

In my personal research on this issue, (one site I used for information) this vulnerability first surfaced in May.  Apparently some people have been able to resolve it  by updating their PDF Readers to the most current version.  It appears though that there are some Anti-Virus solutions that are still tagging PDF files that have this vulnerability.

 

Some users have indicated that Publish vs Print have different results with this problem  but I suspect that it is actually the page setup and plotter configuration that gets used by either command that will dictate the result.

 

Printing  the PDF to a new PDF file is a great workaround if you are facing this situation.

 

I will follow up when I have more solid information.

 

Thanks to everything experiencing this problem for your patience.

---

Hi @toddttucker68,

Thanks for the additional information. When you use Publish, are you using the Plotter Named in Page Setup option?

Normally, I select PDF, and then Publish (my default is a page PLT file).  But when I discovered the issue, I went to my page manager and selected PDF as the default, and tried to publish it that way (using the page default), and still had the same results.

Hi @Anonymous,

I believe this issue has been resolved by new antivirus definitions being release. If you are experiencing this issue make sure that your definitions are fully updated.  Please let me know what security application you are running and the definition version.

Please select the Accept as Solution button if my post solves your issue or answers your question.

Hi John.  I believe either the PDF drivers in autodesk software need to be updated or email servers will need to allow PDF files with the exploit to continue to be received and directed to their intended email users.  The email server that services my client that flagged my files was part of Microsoft 365.  Unless Microsoft is going to revert back to their former server policies, I see this problem will continue and grow.  Hopefully you have already spoken with representatives from Microsoft to get their thoughts and perspective.  If you have, I'd be very interested in hearing more.  

In time I suspect other email services will adopt similar policies and you will see more complaints/issues.  In the meantime, I'll continue to reprint PDF files since that is the best band-aid suggested to date.  Hopefully there will be an autocad update that includes updated PDF print drivers issued soon.  Thank you.  

Hi @gusk,

I use Office 365  for mail services and none of my PDF tests have failed to have been delivered.  I suspect that this might be the definitions being applied to the one server you hit in the farm.  To my knowledge, definitions have been updated so email servers with current definitions should not be blocking these files any longer.   If you are able to show otherwise, it would be helpful to continue the team's efforts to get the issue resolved.