Freelance security researcher Claes Spett has made available a tool he dubbed "PDF Exploit Generator," which allows penetration testers - but also malicious attackers - to create a booby-trapped PDF in a matter of minutes.
Even though the data gathered by Microsoft points to the fact that cybercriminals now prefer deceptive tactics to exploits, it does not mean that the latter approach has been wholly abandoned.
Adobe has pushed out the announced update for Acrobat and Reader that patches the two vulnerabilities that were recently exploited in attacks in the wild.
Adobe has confirmed FireEye researchers' findings about new Adobe Reader and Acrobat zero-day vulnerabilities being exploited in the wild and has issued a security bulletin detailing the flaws and offering mitigation advice until a patch is released.
Researchers form security firm FireEye have found in the wild a PDF file that exploits a new zero-day vulnerability in Adobe Reader.