Researchers investigate Adobe vulnerability that enables a PDF to be tracked

April 29, 2013 – 5:14 PM

Security firm McAfee said it has spotted a vulnerability in the latest version of Adobe Reader that would allow someone to track a PDF document.

The flaw, which is being exploited in the wild, affects all versions of Reader, including the most recent, 11.0.2. While the hole does not enable remote code execution – the most serious outcome a vulnerability can have – it can permit a sender “to see when and where the PDF is opened,” McAfee researcher Haifei Li wrote in a Friday blog post.

And researchers haven’t ruled out whether the flaw is being used as part of an advanced persistent threat (APT)-style attack.

“Is this a serious problem?” Li wrote. “No, we don’t want to overvalue the issue. However, we do consider this issue a security vulnerability. Considering this, we have reported the issue to Adobe and we are waiting for their confirmation and a future patch.”

Li said McAfee is aware of the issue being actively leveraged. It has spotted a number of PDF samples sent by an email tracking service provider. Researchers, however, are unsure if this was done with malicious intentions.


You must be logged in to post a comment.