- Experts find Adobe Reader hit by dangerous zero‑day exploit
- Malicious PDFs enable data theft and possible full takeover
- Patch pending, users urged to avoid untrusted files
Adobe Reader users have been warned to be careful with unsolicited documents coming in via email and social channels, as the popular PDF reader is vulnerable to a zero-day flaw whicht allows hackers to steal sensitive files and, in some scenarios, to even fully take over your device.
Security researcher Haifei Li found a “highly sophisticated, fingerprinting-style PDF exploit” being leveraged in the wild since December 2025, with attacks still currently ongoing.
“This ‘fingerprinting’ exploit has been confirmed to leverage a zero-day/unpatched vulnerability that works on the latest version of Adobe Reader without requiring any user interaction beyond opening a PDF file,” Li said. “Even more concerning, this exploit allows the threat actor to not only collect/steal local information but also potentially launch subsequent RCE/SBX attacks, which could lead to full control of the victim’s system.”
Article continues below
Targeting Russians
A separate report from an analyst with the alias Gi7w0rm says that the PDF lure being used in these attacks references ongoing events in the Russian oil and gas industry, and that it was written in Russian, suggesting who the targets might be.
Adobe is yet to release a patch to address this issue, and until that happens all Adobe Reader users are advised not to open PDF documents from untrusted contacts.
BleepingComputer notes network defenders can also mitigate attacks exploiting this vulnerability by monitoring and blocking HTTP/HTTPS traffic with the “Adobe Synchronizer” string in the User-Agent header.
“This zero-day/unpatched capability for broad information harvesting and the potential for subsequent RCE/SBX exploitation is enough for the security community to remain on high alert. This is why we have chosen to publish these findings immediately so users can stay vigilant,” the researcher concluded.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/ncL98vteKnP9dydmNAHGqN-1920-80.png
Source link
