Malware Threatens 60% Of Adobe Reader Users

Six out of ten Adobe Reader users are running unpatched versions vulnerable to malware attacks, claim Avast Software researchers.

Adobe Reader is the world’s most popular PDF reader and a prime target for malware writers.

The Avast research was based on reports from users of the firm’s anti-virus software. Among users with Adobe Reader, only 40 percent had the latest or a fully patched version. One out of every five users were running an unpatched version at least two generations old (8.x).

According to Avast, malware PDF exploit packages look for a variety of security weaknesses in the targeted computer and attack when an uncovered vulnerability is discovered.

“Most exploits have been made to hit all vulnerable versions, not just one,” said Ondrej Vlcek, CTO, Avast Software.

“Libraries of code are shared between various Adobe versions which also means vulnerabilities are shared.”

Keeping on top of things

Brad Arkin, senior director of product security and privacy, Adobe said Avast’s data was believable and that it was critical users bring themselves up to date.

“We find that most consumers don’t bother updating a free app such as Adobe Reader as PDF files can be viewed in the older version,” he said.

“It is actually possible to be fully patched and up-to-date if you are running Adobe Reader 8 or 9, but I think a large percentage of users simply decline the update notification.”

The latest versions of Adobe Reader feature Protected View capability for isolating or ‘sandboxing’ PDFs in a virtual environment for added protection. Windows users are also urged to enable automatic updates to ensure they are secure.

Adobe Reader dominates the PDF reader market. It is run by over 80 percent of Avast users, more than a hundred million, compared to just 4.8 percent of users running the second most popular application, Foxit.

Earlier this year Avast and Sophos independently warned of malicious code hidden in PDFs.

David Jamieson

View Comments

  • Getting help from ADOBE is impossible. Their help just cynicallt wanders around in circles. I have Adobe 9.3.4 which has suddenlt refused to function at all. I have tried to download another copy but I'm baulked by the message "Abort. Certificate authorisation failed. Re-install to correct" Resnstall WHAT??. I'm actually trying to reinstall!! However I see that I have acquired an add-on called CPSID 83708 whhich has a serial ~ AC76BA86-7AD7-0000-2550-7A8C4000934. I suspect this is malware of some sort that is preventing from deleting the old version of 9.3.4 or of overwriting it we a new copy. Any help??

    Barry Hutton poobell22@yahoo.co.uk

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

11 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

13 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

15 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

16 hours ago