German academics have developed a new attack that can extract and steal data from encrypted PDF files, sometimes without user interaction.
Named PDFex, the new attack comes in two variations and was successfully tested against 27 desktop and web PDF viewers, including popular software such as Adobe Acrobat, Foxit Reader, Evince, Nitro, and Chrome and Firefox's built-in PDF viewers.
The attack doesn't target the encryption applied to a PDF document by external software, but the encryption schemes supported by the Portable Document Format (PDF) standard, itself.
New PDFex attack can exfiltrate data from encrypted PDF files | ZDNet