Sign up to our newsletter
This might be a good time to say "I told you so."
According to the SecurityFocus page, it’s known to affect Reader 8.1.4 and 9.1 for Linux, but it also suggests that other versions or platforms may be vulnerable, and links to an exploit. However, I’m not aware that the vulnerability is being used "in the wild" at the moment. If or when it is, it will probably be used for targeted attacks, as we’ve seen previously, though there’s no absolute reason why such vulnerabilities can’t be used for more random attacks too, so bear in mind that PDFs are not an automatically "safe" format.
I may come back to that thought, but for now I’m on my way to the Infosec exhibition in London, and will be there for much of the next three days. Maybe I’ll see some of you around the ESET UK stand, or at my presentation on testing?
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
Author David Harley, ESET