Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Summary
Threat actors have been actively exploiting a zero-day vulnerability in Adobe Reader since December 2025 through malicious PDF documents. The sophisticated exploit was identified after a malicious PDF artifact was uploaded to VirusTotal.
IFF Assessment
The exploitation of a zero-day vulnerability by threat actors represents a direct threat to users and organizations.
Severity
This zero-day vulnerability likely allows for remote code execution via crafted PDFs, leading to a critical impact on confidentiality, integrity, and availability with a high degree of exploitability.
Defender Context
This zero-day highlights the ongoing risk posed by document-based attacks and the importance of prompt patching and robust endpoint detection. Defenders should be vigilant for suspicious PDF files and ensure their Adobe Reader installations are up-to-date once a patch is available.