News: Adobe Reader 0-Day exploit found – Trojan Dropper

In what might well become a dangerous exploit to have on hand, a group out of Russia called Group-IB have claimed to have found a 0-day (pre-release) exploit which could turn Adobe Reader into a Trojan Dropper. The bad part about it, is that the release is for the most recent versions, v10 and v11 of the software. There seems to be a work-around for the update system which will make it seem like it's up to date, when in fact the version you have is infected.  Due to this, you should only download the software or the plugin directly from the Adobe website. We do not know at this time, if it's not an official release, or even if it is, and then gets infected

Hide My Ass VPN Service

How much does something like this go for? The price to release how it's done is selling for as much as $50k, with a small amount of people currently knowing how it's done. Think of it as a ransom to Adobe and their reputation, if it proves to be legit.

Here's a video showing the trojan in process, note that the trojan is not run, until after the PDF file is closed, and that it does work from within browsers or on a stand-alone basis. It is only MS Windows based at this time, and Calculator is run as a proof of concept.

HideMyAss.comSome Adobe Reader Alternatives;

  • Foxit Reader -
  • Nitro PDF -
  • Nuance PDF Reader -
  • Cool PDF Reader -
  • Sumatra PDF Reader -


Leave a Reply

Your email address will not be published. Required fields are marked *