The popular PDF reader Adobe Reader is facing the risk of exploitation through a file-processing vulnerability, affecting versions such as Adobe Acrobat DC, Adobe Acrobat Reader DC, and Adobe Acrobat 2024 on both Windows and macOS.

Attackers use PDF files embedded with malicious code capable of exploiting this vulnerability and distribute them via email, social media, or messaging applications. When users open the file, the malware is automatically activated without requiring any further action, allowing attackers to access data, monitor activities, and even take control of the device. This attack method mainly exploits users’ habit of opening files from untrusted sources.

In response to this threat, Bkav cybersecurity experts recommend that users:

• Update Adobe Reader immediately to the latest patched version.
• Do not open suspicious PDF files received via email or applications such as Zalo or Facebook.
• Only download and open documents from trusted sources, and carefully verify the sender before opening files.
• Be cautious with files sent unexpectedly, even from acquaintances.
• Use security software to improve the ability to detect and prevent malware.

Bkav