Adobe Acrobat seems to prevent most antivirus software (opens in new tab) from checking PDF files when they are launched, putting consumers at danger.
Minerva Labs researchers were the first to spot the problem. When Adobe Acrobat is running, it checks for DLL files from 30 different security products to verify whether they are loaded into memory. Bitdefender, Avast, Trend Micro, Symantec, Malwarebytes, ESET, Kaspersky, F-Secure, Sophos, and Emsisoft are all included in this list.
There is a “high probability” that it will prohibit any monitoring activities if it discovers any.
This is a well-documented problem
When Adobe Acrobat Reader attempts to ask which security product DLLs are loaded into it by getting a handle on it, we’ve witnessed a spike since March of 2022, according to Minerva Labs.”
Users reported that Sophos Antivirus stopped working when an Adobe product was installed and recommended disabling DLL-injection for Acrobat and Reader on the Citrix forum.
According to Adobe, “We are aware of concerns that certain DLLs from security programmes are incompatible with Adobe Acrobat’s use of CEF (a Chromium-based engine with limited sandbox architecture) and may create stability difficulties.”
If you have an issue with Acrobat’s CEF sandbox design, Adobe is currently trying to improve it “to assure correct operation.”
According to Minerva Labs, Adobe opted to disable antivirus solutions rather than deal with compatibility concerns, leaving its consumers at danger of malware, ransomware, and other online nasties.
The usage of PDF files by criminals has been documented in the past. In the last few weeks, researchers have discovered a campaign that utilises PDFs in order to send malicious Word files to endpoints.
Subtly charming pop culture geek. Amateur analyst. Freelance tv buff. Coffee lover