Android phones with Adobe Reader app vulnerable to cyber attacks


Cyber security agencies have alerted Indian Android phone users against a potential vulnerability in certain versions of their 'Adobe Reader' programme which could compromise their personal data.
Categorising the activity of the virus as "high", the Computer Emergency Response Team (CERT-In) said the malfunction affects the Adobe Reader mobile version of "11.1.3 and prior" installed in Android phones.
The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the country's Internet domain.
"A remote attacker could exploit this vulnerability by creating a specially-crafted content which, when executed by the target user, would lead to execution of arbitrary code on the target user's system leading to compromise of the documents in the reader (Adobe Reader) and SD (secure digital) card files.
"This vulnerability exists in Adobe Reader due to improper restrictions to certain JavaScript interfaces from ARJavaScript, ARCloudPrintActivity, ARCreatePDFWebView classes," the agency said in its latest advisory to users.
The Adobe Reader software is used for reading and editing tasks on PDF files while the SD card is used to store pictures and video files on a mobile phone device.
The agency has asked the users of this series of Adobe Reader to upgrade their respective softwares to the "11.2" version and deploy proper security patches on their devices to thwart virus attacks.