Skip to main content

Adobe Acrobat and Reader under attack with a zero-day exploit

Adobe LogoAdobe identified a critical vulnerability in Adobe Acrobat and Reader on Tuesday, but said today that attackers were already exploiting this bug. All versions of Acrobat and Reader 8 and 9 for Windows, Macintosh, and Unix are open to attack. Even the latest versions, 8.2.4 and 9.3.4 are not safe. Other PDF reading alternatives, such as Foxit Reader, are not affected.

Masquerading as a harmless PDF file, this exploit has malformed font and image files. Spreading as an e-mail attachment to innocent-sounding emails, the PDF saves and runs an executable file to disk when it’s opened. A variation of the email offers tips on ways to improve your golf game. Security firm Trend Micro spotted a variation with a Trojan, TROJ_PIDIEF.WM, that downloaded two other Trojans called TROJ_DLOADR.WM and TROJ_CHIFRAX.BU.

Recommended Videos

This vulnerability bypasses Windows 7’s vaunted security measures. The executable file that gets saved carries a valid digital signature, so Windows 7 allows the operation. Because a valid signature pretty much tells Windows 7 that it’s a safe file, this executable is free to download more malicious code from a server at academyhouse.us. According to Kaspersky Lab, the file appears to be form Vantage Credit Union in St. Louis. It also piggybacks on loopholes created by applications that haven’t included Windows 7’s ASLR security technology in their own code.

Adobe “is in the process of evaluating the schedule for an update to resolve this vulnerability,” and hasn’t announced any fixes or patches. The regularly scheduled patch date is Oct. 13, but an emergency patch is not out of the question.

There are reports that turning off JavaScript in Adobe Reader stops the PDF file from executing. This is only a temporary measure, as attackers can tweak the exploit to issue variations that are immune to disabling JavaScript.

Fahmida Y. Rashid
Former Digital Trends Contributor
Nvidia may soon bid farewell to its most popular GPU
Two RTX 4060 graphics cards sitting next to each other.

Nvidia's RTX 50-series is right around the corner -- but this means that some of the current best graphics cards will soon be hard to come by. According to a post on the Board Channels forums, several of Nvidia's most popular RTX 40-series GPUs will soon be gone, including the budget-friendly RTX 4060.

We've heard reports of Nvidia slowly sunsetting the majority of its last-gen lineup over the past few months. The RTX 4090 was the first to go, and according to unofficial sources, the RTX 4080 and the RTX 4070 (including their Super and Ti variants) have already ceased production. As per leaks shared on the Board Channels, the only GPUs that are still being produced are the RTX 4060 and its Ti version -- but not for long.

Read more
Google is testing a feature that will let AI hide away internet pop-ups
Google Chrome browser running on Android Automotive in a car.

Google is testing a new feature in Chrome Canary, the experimental version of the Chrome browser. As reported by TechRadar, the "PermissionsAI" feature is designed to deal with pop-ups from websites asking you to share your location or consent to notifications.

According to Chromium, the tool will use Google's "Permission Predictions Service" and Gemini Nano v2 to analyze users' previous responses to pop-ups and guess how they will respond to new ones. If you're likely to decline, the feature will block the annoying pop-up that appears in the middle of your screen and instead hide it away in a corner in case you need it later.

Read more
AMD’s Ryzen Z2 Go disappoints in early benchmark
The Lenovo Legion Go S sitting on a window.

A recent YouTube video has showcased the gaming capabilities of AMD's upcoming Ryzen Z2 Go chipset, designed for budget gaming handhelds. As part of the new Ryzen Z2 lineup, the Z2 Go’s capabilities were tested on a Lenovo Legion Go S and compared to last year’s Z1 Extreme powering the Asus ROG Ally X.

According to gaming performance data shared by FPS VN, the Z2 Go shows some limitations compared to the Z1 Extreme. In Black Myth: Wukong, it achieved 36 fps versus 40 fps at 15W, 30 fps versus 32 fps at 20W, and 60 fps versus 64 fps at 30W. In Cyberpunk 2077, the Z2 Go delivered 50 fps compared to 54 fps at 15W, 45 fps versus 47 fps at 20W, and 61 fps compared to 66 fps at 30W. Similarly, in Ghost of Tsushima, the Z2 Go hits 62 fps versus 66 fps at 15W, 48 fps versus 52 fps at 20W, and 62 fps versus 66 fps at 30W. Although the performance gap is minor, it remains consistent at around 7–10% across all tested games.

Read more