PROBLEMWhen a user accesses a PDFdocument, the document opens in Acrobat reader, but 2 events are created: an access allowed event and an access denied event. If GFI EndPointSecurity is configured to send an alert for access denied events, the alert will be a false positive.
In rare cases, the user may get a pop-up error that if they click OK, the document will open.
- GFI EndPointSecurity
- Adobe Acrobat Reader
SOLUTIONThe only solution to this problem is to create a rule in your email client to ignore these emails.
CAUSEWhen Acrobat Reader opens a PDF it launches 2 AcroRd32.exe processes. Our developers have found that one of these instances uses a token that is invalid thus causing an access denied event to be written.
GFI has opened a case with Adobe on this issue.