Adobe investigates PDF Reader zero-day vulnerability reports

PDF imagery. Image from ShutterstockIn a brief blog post, Adobe’s security team has said that it is investigating reports of a brand new zero-day vulnerability affecting its Adobe Reader and Acrobat XI (11.0.1) products.

The concern is related to a blog post by security firm Fireeye who yesterday claimed to have uncovered a PDF zero-day vulnerability being exploited in the wild to infect computers.

Unfortunately, details in Fireeye’s blog post are scant – and so it’s currently impossible for SophosLabs to confirm if this is a genuine zero-day threat.

Nevertheless it would be sensible for all computer users to be extremely cautious about opening unsolicited PDF files. In fact, that’s good advice all year around – not just when there are rumours of a new unpatched vulnerability in Adobe’s software.

SophosLabs continues to monitor the situation, and will update protection for Sophos users as appropriate.

PDF image from Shutterstock.