Shortcomings of blacklisting in Adobe Reader and what you can do about it

A variation of a class of malicious PDFs appeared in the wild. In this blog post, we will show you how to protect your systems and how to analyze these PDFs. The PDFs embed a file type with extension .SettingContent-ms that can be used on Windows 10 to execute arbitrary code. We have observed on … Continue reading Shortcomings of blacklisting in Adobe Reader and what you can do about it

Extracting a Windows Zero-Day from an Adobe Reader Zero-Day PDF

In May 2018, when ESET published a blog post covering PDFs with 2 zero days, our interest was immediately piqued. Promptly after our analysis of these PDFs, we send out an early warning to our customers. Now that Microsoft published a blog post with the detailed analysis of the zero days, we find it appropriate … Continue reading Extracting a Windows Zero-Day from an Adobe Reader Zero-Day PDF