New Adobe PDF bug can get you hacked with just one click

New Adobe PDF bug can get you hacked with just one click

Among all the file types that cybercriminals are using for duping you, PDF files are the most popular vectors for cyberattacks.

They can be disguised as anything really. From receipts, delivery notices and invoices to eBooks and application forms, the trickery knows no bounds.

If you fall for a malicious PDF, the consequences can be severe. You and your organization can be infected with ransomware. Your files and data can be stolen. Hackers can install keyloggers, spying software, web hijackers and even take complete control of your computer.

Why are PDFs so popular with cybercriminals?

For one, they are easy to create and distribute. Malicious scripts using JavaScript and VisualBasic can be embedded within PDF files and duplicated endlessly. Scammers typically send these malicious PDFs via phishing emails or links to their targeted victims, hoping to trick them into clicking the attachment.

If you use Adobe’s Acrobat Reader to view PDFs, read on and I’ll tell you about these newly discovered flaws that can put you into harm’s way.

New Adobe Acrobat PDF bugs

Security researchers from Cisco Talos revealed new bugs in Adobe Acrobat Reader could allow hackers to take control of your computer. The bugs are critical since they include zero-day exploits that can compromise your computer with just a single click of a malicious PDF.

Note: Zero-day exploits are previously unknown software exploits that are already being used by hackers even before the software makers are made aware of them.

These zero-day exploits are use-after-free flaws that allow a hacker to embed malicious Javascript within a PDF document and run their own code.

Be careful! Opening a poisoned PDF file or a booby-trapped webpage is enough to trigger this exploit.

Get the latest Adobe patches now

Thankfully, Adobe has already issued critical updates to patch these new flaws in Adobe Reader.

It’s interesting that this is the second set of patches that Adobe issued this month. Remember, the company issued its regular Patch Tuesday fixes last week for a variety of critical bugs in its products.

However, the new emergency update is rated Priority 1, meaning the flaws have a higher risk of already being targeted and exploited in the wild.

This makes it extra important to update your Adobe Reader software as soon as possible.

Overall, 47 fixes were issued by Adobe, affecting different versions of Adobe Acrobat and Photoshop for both Windows and Macs.

How to update Acrobat Reader

Adobe recommends users update their software installations to the latest versions by following the instructions below.

  • Users can update their product installations manually by choosing Help >> Check for Updates.
  • The products will update automatically, without requiring user intervention, when updates are detected.
  • The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center.

Did you update Google Chrome recently? You may have a problem

If you have recently updated to the last major Google Chrome version, you may have noticed a welcome new feature that stops autoplay videos. However, the feature has one big problem and it’s actually breaking the web for some people. Read on and I’ll tell you the latest about Google Chrome and why there’s a fuss about this update.

Note: Facebook has greatly reduced the distribution of our stories in our readers’ news feeds. When you share our articles to your friends, however, you greatly help distribute our content. Please take a moment and consider sharing this article with your friends and family. Thank you.

Tags: cybercriminals, Facebook, Google, Google Chrome, hackers, security