The Hacker News Logo
Subscribe to Newsletter

Update Adobe Reader app for Android to Patch Remote Code Execution Vulnerability

Adobe Reader Android Vulnerability
If you're one of the 400 million Android users out there who have installed Adobe Reader app that helps you to view PDF documents on mobile devices, then you should immediately update your app from Google Play Store.

Adobe has released an updated Adobe Reader 11.2.0 version to addresses an important vulnerability that could be exploited to gain 'remote code execution' ability on the affected system.

According to the Adobe advisory, vulnerability (CVE-2014-0514) resides in the implementation of JavaScript APIs on Adobe Reader 11.2 that could be exploited to execute arbitrary code within Adobe Reader.

Adobe vulnerability discovered by security researcher Yorick Koster of Securify BV, claimed that an attacker can create a specially crafted PDF file containing malicious JavaScript code that triggers when the victim will try to open it using affected Adobe Reader for Android Operating System.

Multiple attack vectors are available to deploy a malicious PDF, i.e. Cyber criminals can use phishing attacks or Facebook Spam to take advantage of such vulnerabilities.

Successful exploitation could allow a malicious attacker to access your important files stored on the Device SD card. Researchers also published a crafted PDF file as Proof of concept, to demonstrate the vulnerability.

Users are advised to update their Adobe Reader for Android as soon as possible. Stay Safe!

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Top Deals

Newsletter — Subscribe for Free

Over 500,000 Information Security professional read and trust our news platform. Join them and get all latest hacking news, free eBooks delivered to your inbox - free!