Adobe investigates PDF Reader zero-day vulnerability reports

Graham Cluley
Graham Cluley
@[email protected]

PDF imagery. Image from ShutterstockIn a brief blog post, Adobe’s security team has said that it is investigating reports of a brand new zero-day vulnerability affecting its Adobe Reader and Acrobat XI (11.0.1) products.

The concern is related to a blog post by security firm Fireeye who yesterday claimed to have uncovered a PDF zero-day vulnerability being exploited in the wild to infect computers.

Unfortunately, details in Fireeye’s blog post are scant – and so it’s currently impossible for SophosLabs to confirm if this is a genuine zero-day threat.

Nevertheless it would be sensible for all computer users to be extremely cautious about opening unsolicited PDF files. In fact, that’s good advice all year around – not just when there are rumours of a new unpatched vulnerability in Adobe’s software.

Sign up to our free newsletter.
Security news, advice, and tips.

SophosLabs continues to monitor the situation, and will update protection for Sophos users as appropriate.

PDF image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.