Critical security hole in Adobe Acrobat PDF readers

Graham Cluley
Graham Cluley
@[email protected]

Adobe has issued a security alert after a critical zero-day vulnerability was discovered in their popular PDF reading program which could allow hackers to take control of computers.

In a security bulletin issued yesterday, Adobe warned that the security hole would not be patched until 11th March.

The risk is that hackers could deliberately construct a malformed PDF file that would trigger the vulnerability, allowing them to open a backdoor and run malicious code on your computer. This would mean that criminals could, for instance, spam out a PDF file that would infect your PC, or plant malicious PDF content on a website.

As PDF files are so widely used on the internet, and regularly exchanged to share information, there is an obvious concern that hackers may be quick to take advantage of this vulnerability.

Sophos is investigating the vulnerability…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.