Adobe Reader infections strike in the wild

Share this article:

Exploits of the recently patched Adobe Reader vulnerabilities have been reported in the wild.

Though the proof-of-concept code had just been published earlier this week, it was not surprising that an exploit surfaced so quickly, according to a blog post Friday by Bojan Zdrnja, a volunteer analyst at the SANS Internet Storm Center.

The payload is in a JavaScript object embedded in the PDF document.

The attackers appeared to modify the proof-of-concept so it would evade anti-virus detection, Zdrnja said. He added that as of about 10:50 a.m. EST, no anti-virus products were able to detect the malicious PDF exploit, according to VirusTotal, a malware scanning service. Later Friday afternoon, US-CERT issued a statement that "reports indicate that this exploit is currently undetectable by common antivirus applications."

Core Security Technologies, a security testing software solutions provider and one of the firms credited with discovering the flaw, published sample code when it notified users about the problem.

Adobe suggests users upgrade to version 8.1.3. Users of version 9 for Reader and Acrobat, released in June, are not vulnerable to the flaws.

Share this article:

Sign up to our newsletters

More in News

Leahy bill would end bulk data collection, introduce reforms

Leahy bill would end bulk data collection, introduce ...

Sen. Patrick Leahy introduced an NSA reform bill that would update the USA Freedom Act.

House passes two cyber security bills

One bill aims to improve agencies' website security, while another works to thwart critical infrastructure attacks.

A five-month-long Tor attack attempting to 'deanonymize' users

For roughly five months beginning in January, traffic confirmation attacks were used to attempt to "deanonymize" Tor users.