Adobe Acrobat Reader Zero-Day Under Active Exploit Since December

Attackers have been exploiting a zero-day vulnerability in Adobe Acrobat Reader since at least December 2025 using maliciously crafted PDF documents to compromise systems. The vulnerability allows code execution when victims open specially crafted PDF files. Adobe has not yet released a patch, leaving users exposed to ongoing attacks. Security researchers discovered the flaw being actively exploited in the wild, with threat actors using it to deploy malware and gain persistent access to victim networks. The attacks appear targeted, using PDFs that appear legitimate to trick users into opening them. Adobe Acrobat Reader is among the most widely deployed PDF applications globally, making this vulnerability particularly concerning for enterprise environments. Security teams are advised to implement application whitelisting, disable JavaScript in Reader, and consider alternative PDF viewers until a patch becomes available. Adobe has acknowledged the issue and stated it is working on a fix. No timeline for patch release has been provided.