New Adobe zero-day threat discovered

By on
New Adobe zero-day threat discovered

Security experts are warning Adobe customers to be extra vigilant following the discovery of an attack that attempts to exploit a new zero-day vulnerability in Adobe's Reader and Acrobat products.

In a blog posting late yesterday, Symantec's Security Response team said it had received a "tip from a source" that there was a potential zero-day vulnerability in the wild affecting Reader and Acrobat.

"We have indeed confirmed the existence of a 0-day vulnerability in these products," the posting continued.

"The PDF file we discovered arrives as an email attachment. The attack attempts to lure email recipients into opening the attachment. When the file is opened, a malicious file is dropped and run on a fully patched system with either Adobe Reader or Acrobat installed. Symantec products detect the file as Trojan.Pidief.H."

Adobe has since confirmed it has received and is investigating the "reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions".

"We will provide an update as soon as we have more information," read a post on the firm's Product Security Incident Response Team (PSIRT) blog.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
acrobat adobe file reader security software vulnerability

Partner Content

Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes
Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back

Sponsored Whitepapers

F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Easing the burden of Microsoft CSP management
Easing the burden of Microsoft CSP management
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan

Events

techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025
techpartner.news Benchmark Security Awards 2025
techpartner.news Benchmark Security Awards 2025

Most read articles

NEXTGEN "realigns" structure

NEXTGEN "realigns" structure
Ingram Micro "grateful" for customers' support during cybersecurity incident

Ingram Micro "grateful" for customers' support during cybersecurity incident
The Aussie startup building an integration platform for MSPs and SIs

The Aussie startup building an integration platform for MSPs and SIs
Atturra's FY25 revenue to exceed $300m

Atturra's FY25 revenue to exceed $300m

Log in

Email:
Password:
  |  Forgot your password?