The Defence Signals Directorate is now advising Australian government agencies and departments to ditch older versions of Adobe Reader and update to either version X or XI, due to it finding that many agencies are still running outdated software.
In a broadcast from DSD's Cyber Security Operations Centre (CSOC), the department advised that 80 percent of the incidents being reported to CSOC were socially engineered emails. Of those, almost a third of the attachments used were malicious PDF files.
"DSD continues to observe agencies using unpatched or older versions of applications."
"Malware kits, including PDF‐based exploits, are readily available, and many agencies continue to use unpatched or older versions of PDF readers, placing themselves at greater risk of compromise."
The advice applies to those agencies currently using Adobe Reader as their PDF viewer. The broadcast did not make a recommendation for or against the use of other PDF viewers.
DSD praised Adobe Reader's sandboxing technology, stating that it is "making the successful exploit of vulnerabilities far more difficult for malicious cyber actors."
Recently, however, Russian cybercrime investigation firm Group-IBon an alleged zero-day vulnerability that could bypass Adobe's sandbox and was being sold on underground forums for up to US$50,000.
Adobe has yet to confirm whether the claim is true, but is in talks with Group-IB to investigate further.