Adobe Reader vulnerabilities have been exploited for decades by threat actors taking advantage of the universal use of the utility to fool employees into downloading infected PDF documents through phishing lures. Now a security researcher says a Reader hole has been quietly exploited by malware for as long as four months, fingerprinting computers to gather information that will allow attackers to steal data and perform further malicious activities. In a blog this week, Haifei Li said that EXPMON, the publicly-available exploit monitor he runs that scans samples to detect file-based zero-day exploits, had found an initial exploit that abuses the vulnerability in a Reader API. JavaScript code ...