Adobe investigates PDF Reader zero-day vulnerability reports

Filed Under: Adobe, Featured, Malware, Vulnerability

PDF imagery. Image from ShutterstockIn a brief blog post, Adobe's security team has said that it is investigating reports of a brand new zero-day vulnerability affecting its Adobe Reader and Acrobat XI (11.0.1) products.

The concern is related to a blog post by security firm Fireeye who yesterday claimed to have uncovered a PDF zero-day vulnerability being exploited in the wild to infect computers.

Unfortunately, details in Fireeye's blog post are scant - and so it's currently impossible for SophosLabs to confirm if this is a genuine zero-day threat.

Nevertheless it would be sensible for all computer users to be extremely cautious about opening unsolicited PDF files. In fact, that's good advice all year around - not just when there are rumours of a new unpatched vulnerability in Adobe's software.

SophosLabs continues to monitor the situation, and will update protection for Sophos users as appropriate.

PDF image from Shutterstock.

, , , , ,

You might like

3 Responses to Adobe investigates PDF Reader zero-day vulnerability reports

  1. JimboC_Security · 623 days ago

    Adobe have now published a security advisory with advice on mitigating this flaw. Unfortunately the mitigation is only available to Adobe Reader 11 (XI) and Acrobat 11 (XI) users since it makes use of the new Protected View.

    Full details are available in the security advisory:

    http://www.adobe.com/support/security/advisories/apsa13-02.html

    Thank you.

  2. JimboC_Security · 622 days ago

    If you don't have version 11 of Adobe Reader or Acrobat installed, the workaround provided is not ideal.

    If you have Google Chrome installed on your computer you can use it to view PDFs (not sure if this also works for Mac OS X). Details of this workaround are available at the following link:
    http://www.h-online.com/security/news/item/Adobe-...

    Thanks.

  3. Amelia · 562 days ago

    So true about always being cautious when opening a PDF file. It seems that rumors get circulated every so often and then everyone is afraid to open anything. Thing is to just be cautious all the time with viewing things. I have had great success using a PDF Reader from http://www.foxitsoftware.com/ and have never had any fear or problems.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.