Attackers Exploiting Adobe Reader Zero-Day Since December
⚠ Haifei Li has identified a zero-day vulnerability in Adobe Reader that has been exploited since at least December via maliciously crafted PDFs. The attack uses a highly sophisticated, fingerprinting-style exploit that can harvest local data using Acrobat APIs and may enable follow-on RCE or sandbox escape without user interaction beyond opening a file. Li urges users to avoid PDFs from untrusted sources and to monitor network traffic for the Adobe Synchronizer User-Agent string as a temporary mitigation.
