Critical security hole in Adobe Acrobat PDF readers

Graham Cluley
Graham Cluley
@[email protected]

Adobe Acrobat PDF folder
Adobe has issued a security alert after a critical zero-day vulnerability was discovered in their popular PDF reading program which could allow hackers to take control of computers.

In a security bulletin issued yesterday, Adobe warned that the security hole would not be patched until 11th March.

The risk is that hackers could deliberately construct a malformed PDF file that would trigger the vulnerability, allowing them to open a backdoor and run malicious code on your computer. This would mean that criminals could, for instance, spam out a PDF file that would infect your PC, or plant malicious PDF content on a website.

As PDF files are so widely used on the internet, and regularly exchanged to share information, there is an obvious concern that hackers may be quick to take advantage of this vulnerability.

Sign up to our free newsletter.
Security news, advice, and tips.

Sophos is investigating the vulnerability and reports that exploit code has already been written.

Update: Fraser Howard of SophosLabs has blogged confirming the existence of a malicious PDF which exploits this vulnerability in order to install a Trojan horse onto innocent users’ computers. Sophos proactively detects the PDF as Mal/JSShell-B.

Fraser has also provided information about the workarounds that can be used alongside up-to-date anti-virus software to protect your computers while you are waiting for a patch from Adobe.

Further update:Fraser has gone on to blog about how Sophos can protect against the vulnerability with our behavioural buffer overflow protection. Very cool.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.