Security researchers discover Adobe Acrobat may block antivirus from scanning PDFs

Rual dV

Active Member
Staff member
Company Rep
Joined
Jan 27, 2022
Messages
95
Adobe Acrobat blocks anti-virus from scanning PDFs

Security researchers discovered that Adobe Acrobat might actively try to block antivirus software from scanning PDF files for malicious activity.

Minerva Labs security researcher Natalie Zargarov wrote in a blog post this week that this functionality could be “potentially catastrophic” as it poses a massive security risk.
 

Jade @ Absolute Hosting

Absolute Hosting Representative
Company Rep
Joined
Nov 17, 2015
Messages
1,328
I'm pretty sure Eset have this cat in the bag. Why didn't MyBB post on Follina?

Hmm seems not so, and a bit concerning tbh

However, any vendor that uses libcef.dll can easily change this DLL list. The hard-coded DLL list in the Adobe libcef.dll version we checked had been edited and was surprisingly longer and also contains the DLLs of the following security products:

  1. Trend Micro
  2. BitDefender
  3. AVAST
  4. F-Secure
  5. McAfee
  6. 360 Security
  7. Citrix
  8. Symantec
  9. Morphisec
  10. Malwarebytes
  11. Checkpoint
  12. Ahnlab
  13. Cylance
  14. Sophos
  15. CyberArk
  16. Citrix
  17. BullGuard
  18. Panda Security
  19. Fortinet
  20. Emsisoft
  21. ESET
  22. K7 TotalSecurity
  23. Kaspersky
  24. AVG
  25. CMC Internet Security
  26. Samsung Smart Security ESCORT
  27. Moon Secure
  28. NOD32
  29. PC Matic
  30. SentryBay
 

Soulware Technology

Expert Member
Joined
May 28, 2022
Messages
1,446
Hmm seems not so, and a bit concerning tbh
They usually are on top of the game, but I can't find anything on the Eset Forums. With Follina it was easy because the exploit had a name.

Not sure what to search for. Even if it doesn't scan the PDF, Internet Security will block any suspect communication should you run it and it will stop further infection, but it is still concerning.
 

Soulware Technology

Expert Member
Joined
May 28, 2022
Messages
1,446
My Eset license is expired. I trust it for previously fixed issues but I wouldn't have any signatures for this. So I didn't open it in a pdf reader.
 
Top