Evidently Adobe Acrobat is obstructing most antivirus software program (opens in new tab) from scanning PDF recordsdata at launch, placing customers in danger.
The problem was first recognized by cybersecurity researchers from Minerva Labs. As reported by BleepingComputer, Minerva noticed Adobe Acrobat scanning for DLL recordsdata from 30 safety merchandise, to see in the event that they’re loaded into reminiscence whereas it’s lively. These merchandise additionally embrace the business’s heavy hitters, equivalent to Bitdefender, Avast, Pattern Micro, Symantec, Malwarebytes, ESET, Kaspersky, F-Safe, Sophos, and Emsisoft.
If it finds any, it “almost definitely” blocks them, stopping any monitoring exercise, the report states.
(opens in new tab)
Share your ideas on Cybersecurity and get a free copy of the Hacker’s Guide 2022 (opens in new tab). Assist us discover how companies are getting ready for the post-Covid world and the implications of those actions on their cybersecurity plans. Enter your e mail on the finish of this survey (opens in new tab) to get the bookazine, value $10.99/£10.99.
A identified challenge
“Since March of 2022 we’ve seen a gradual uptick in Adobe Acrobat Reader processes trying to question which safety product DLLs are loaded into it by buying a deal with of the DLL,” Minerva Labs defined.
Bleeping Laptop additionally discovered a person grievance on the Citrix discussion board, saying Sophos’ Antivirus began getting errors after an Adobe product was put in, and that the corporate advised disabling DLL-injection for Acrobat and Reader.
“We’re conscious of experiences that some DLLs from safety instruments are incompatible with Adobe Acrobat’s utilization of CEF, a Chromium based mostly engine with a restricted sandbox design, and should trigger stability points,” wrote Adobe, in response to complaints.
Learn extra
> Hackers have discovered a brand new strategy to smuggle malware onto your machine (opens in new tab)
> Patch Adobe Reader now or threat a serious safety assault (opens in new tab)
> Replace your Adobe software program now to repair these ‘essential’ threats (opens in new tab)
In the meanwhile, it’s engaged on a repair, to “guarantee correct performance with Acrobat’s CEF sandbox design going ahead.”
In accordance with Minerva Labs, between compatibility points and disabling antivirus options, Adobe selected the latter, placing its customers at actual threat of malware (opens in new tab), ransomware (opens in new tab), and different nasties lurking within the depths of the web.
PDF recordsdata are identified to have been utilized by menace actors up to now. Solely not too long ago, researchers noticed a marketing campaign that makes use of PDF recordsdata, by way of which malicious Phrase recordsdata had been being distributed to focus on endpoints.
By way of BleepingComputer (opens in new tab)