CERT warns Android phone users against vulnerability on Adobe Reader

Android phone users who use Adobe Reader on their devices are under a security threat according to the Indian software security firm.

Published Date
29 - Apr - 2014
| Last Updated
29 - Apr - 2014
CERT warns Android phone users against vulnerability on Adobe Rea...

Cyber security experts have warned Indian Android phone users against a potential vulnerability in certain versions of Adobe Reader that could compromise their personal data.

Computer Emergency Response Team (CERT-In) has categorized the threat from the virus activity as 'High' and stated that it affects the Adobe Reader mobile version of "11.1.3 and prior" installed in Android phones. CERT has urged users to update their software versions to 11.2 as well as deploy proper security patches on their smartphones.

The Adobe Reader software is used for reading and editing PDF files while the SDcard is used to store pictures and video files on a mobile phone device. CERT has asked the users of Adobe Reader 11.1.3 and below to upgrade their respective software to the "11.2" version and deploy proper security patches on their devices to thwart the virus attack.

"A remote attacker could exploit this vulnerability by creating a specially-crafted content which, when executed by the target user, would lead to execution of arbitrary code on the target user's system leading to compromise of the documents in the reader (Adobe Reader) and SD (secure digital) card files. This vulnerability exists in Adobe Reader due to improper restrictions to certain JavaScript interfaces from ARJavaScript, ARCloudPrintActivity, ARCreatePDFWebView classes," the agency said in its latest advisory to users.

CERT-In had recently warned users against Dendroid Rat virus that affects Android devices in India. CERT warns that “the malicious application” allows cyber attackers to “completely compromise the affected smartphone and control it remotely.” CERT has urged users not to install applications from unreliable sources and install patches and Android updates regularly on their smartphone.