Unpatched vulnerability in Chrome PDF reader actively exploited

Attackers are exploiting an unpatched vulnerability in Google Chrome’s built-in PDF reader. The vulnerability discloses information about the system, such as the IP address, operating system, Chrome version, and the full path of the PDF file.

Security company EdgeSpot discovered the issue. Malicious PDF files that abuse the vulnerability have been found since December last year. As soon as Chrome users open the PDF files with their browser, information about the system is sent to a server. The vulnerability cannot be used to steal hashed passwords, something that was possible with a recently discovered leak in Adobe Reader.

EdgeSpot warned Google at the end of December. In February, the internet company responded that it would release a security update for the issue by the end of April. Due to the potential risk for Chrome users, EdgeSpot decided to disclose the vulnerability earlier.

Chrome users are advised to use an alternative PDF reader or to disconnect the computer from the internet when opening a PDF document.