Summary
A zero-day actively exploited vulnerability in Adobe Reader's JavaScript engine allows attackers to exfiltrate system data and potentially execute remote code via malicious PDF files.
Take Action:
If you use Adobe Reader, open it right now and disable JavaScript by going to Edit > Preferences > JavaScript and uncheck "Enable Acrobat JavaScript". This blocks the exploit's main attack path. Until Adobe releases a patch, don't open any PDF files from unknown or unexpected sources, and if you must view untrusted PDFs, use a browser-based viewer like Chrome or Edge instead of Adobe Reader. Always verify the source of PDF files before opening them.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)