Security researchers are discovering that Adobe Acrobat stops security software from inspecting PDF files, which can lead to danger for many users.
So, we have no real way of knowing if this effect was intentional, or whether it was just some overenthusiastic code written in the attempt of Acrobat providing its users some modicum of privacy. Essentially, to put it in extremely simple words, Adobe Acrobat has blacklisted specific DLLs (bunches of small programs) that have more security oriented tasks to execute. While the company has reached out to comment, stating that it’s aware of the problem and is currently in contact with the relevant program vendors to resolve issues, does this spell any deep trouble or danger signs for users relying on Acrobat? As is the case with many cybersecurity issues, and indeed safety as a whole, the answer is: not necessarily, but there’s always a decent chance.
Cybersecurity analysts were first alerted to the situation when researchers at Minerva Labs noticed a rise in search queries regarding Adobe Acrobat and which DLLs it attempts to access. The list includes massive names such as Kaspersky, Avast, ESET, Malwarebytes, and F-Secure. This clearly meant that something wasn’t right, and further investigation revealed a list that was approximately thirty entries long. What both Adobe Acrobat and Adobe Reader do is that they keep a list of these specific security programs, and prevent them from initiating DLLs that investigate the PDFs any further. Security programs require full exposure to a file in order to scan it for potential threats, and Adobe’s actions actively prevent them from doing so. Perhaps this was a security measure on Adobe’s own part, but explanations for the matter at hand have not been issued by the software company as of yet.
PDF files are commonly used by cybercriminals to initiate malware assaults on unsuspecting individuals looking to just download a free copy of the popular Donna Tartt novel The Goldfinch (a reference that definitely isn’t already dated in 2022). Acrobat preventing DLLs from being injected by software companies, while also being a primary tool used by many to access such PDF files, can potentially put many at risk.
Read next: Google Is Rolling Out Its Password Managers Encryption Keys, And Might Be Making Them The Default Security Measure For Users Across The Board
So, we have no real way of knowing if this effect was intentional, or whether it was just some overenthusiastic code written in the attempt of Acrobat providing its users some modicum of privacy. Essentially, to put it in extremely simple words, Adobe Acrobat has blacklisted specific DLLs (bunches of small programs) that have more security oriented tasks to execute. While the company has reached out to comment, stating that it’s aware of the problem and is currently in contact with the relevant program vendors to resolve issues, does this spell any deep trouble or danger signs for users relying on Acrobat? As is the case with many cybersecurity issues, and indeed safety as a whole, the answer is: not necessarily, but there’s always a decent chance.
Cybersecurity analysts were first alerted to the situation when researchers at Minerva Labs noticed a rise in search queries regarding Adobe Acrobat and which DLLs it attempts to access. The list includes massive names such as Kaspersky, Avast, ESET, Malwarebytes, and F-Secure. This clearly meant that something wasn’t right, and further investigation revealed a list that was approximately thirty entries long. What both Adobe Acrobat and Adobe Reader do is that they keep a list of these specific security programs, and prevent them from initiating DLLs that investigate the PDFs any further. Security programs require full exposure to a file in order to scan it for potential threats, and Adobe’s actions actively prevent them from doing so. Perhaps this was a security measure on Adobe’s own part, but explanations for the matter at hand have not been issued by the software company as of yet.
PDF files are commonly used by cybercriminals to initiate malware assaults on unsuspecting individuals looking to just download a free copy of the popular Donna Tartt novel The Goldfinch (a reference that definitely isn’t already dated in 2022). Acrobat preventing DLLs from being injected by software companies, while also being a primary tool used by many to access such PDF files, can potentially put many at risk.
Read next: Google Is Rolling Out Its Password Managers Encryption Keys, And Might Be Making Them The Default Security Measure For Users Across The Board