- Experts Discover Adobe Reader Suffers from Dangerous Zero-Day Exploit
- Malicious PDF Files Allow Data Theft and Possible Takeover
- Patch pending, users are urged to avoid untrusted files
Adobe Reader users have been warned to be wary of unsolicited documents arriving via email and social channels, as the popular PDF reader is vulnerable to a zero-day flaw that allows hackers to steal sensitive files and, in some scenarios, even take over your device entirely.
Security researcher Haifei Li found a “highly sophisticated, fingerprint-style PDF exploit” being exploited in the wild since December 2025, and attacks are still ongoing.
“This ‘fingerprinting’ exploit has been confirmed to exploit a zero-day/unpatched vulnerability that works in the latest version of Adobe Reader without requiring any user interaction beyond opening a PDF file,” Li said. “What is even more concerning is that this exploit allows the threat actor to not only collect/steal local information, but also potentially launch subsequent RCE/SBX attacks, which could lead to full control of the victim’s system.”
Article continues below.
Targeting the Russians
A separate report from an analyst with the alias Gi7w0rm says that the PDF honeypot used in these attacks references ongoing events in the Russian oil and gas industry, and that it was written in Russian, suggesting who the targets might be.
Adobe has yet to release a patch to fix this issue, and until that happens, all Adobe Reader users are advised not to open PDF documents from untrusted contacts.
beepcomputer notes that network defenders can also mitigate attacks that exploit this vulnerability by monitoring and blocking HTTP/HTTPS traffic with the string “Adobe Synchronizer” in the User-Agent header.
“This zero-day/unpatched capability for extensive information collection and the potential for subsequent exploitation of RCE/SBX is enough for the security community to remain on high alert. That is why we have chosen to publish these findings immediately so that users can remain vigilant,” the researcher concluded.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
