Islamabad, Aug 28: A cyber security advisory has been released by the Pakistan Telecommunication Authority (PTA) regarding a vulnerability in Adobe Reader and Acrobat. The alert draws attention to a serious security vulnerability known as CVE-2024-30304.
This flaw, which is categorized as a “use-after-free” mistake, is extremely dangerous since it can allow remote attackers to take control of compromised systems and run any code they choose. The alert states that exploitation happens when a victim is duped into viewing a maliciously created document, which may result in program crashes or system compromise.
In order to resolve this vulnerability, PTA has advised customers to see the official Adobe Security Advisory for any required updates, patches, or workarounds. The PTA emphasized that in order to protect against any exploitation, these upgrades must be applied very away. Users are also cautioned to be cautious when opening files from unknown or untrusted sources, and to confirm the legitimacy of the sender and the document before opening any files.
The PTA also suggested installing and keeping up-to-date endpoint security and antivirus software in its advice. These steps are essential for identifying and preventing any malicious programs or documents from trying to take advantage of the vulnerability. The PTA also underlined the necessity of informing consumers of the dangers connected to dubious documents, urged early reporting of any suspicious or unusual activity to security or IT staff.
The PTA recommended turning on security features in Adobe Reader and Acrobat, such as Protected View and Enhanced Security Settings. These characteristics may lessen the effects of any exploits. It was also suggested to keep an eye on system logs and network traffic for any indications of exploitation or strange activity in order to identify any attempted attacks that targeted this vulnerability.
PTA asked customers to utilize the dedicated portal and email to report any incidents to the PTA CERT before closing. PTA claims that in order to quickly address any security dangers associated with this vulnerability, timely reporting is crucial.
