Lockheed Martin hit, but not breached, with Adobe zero-day

Share this article:

Attackers attempted to leverage a recently disclosed Adobe Reader zero-day vulnerability to infiltrate Lockheed Martin, among other companies.

Adobe earlier this week warned about the critical flaw, which is being exploited in limited and targeted attacks against Adobe Reader 9.x on Windows. The software maker is working on an emergency fix, to be released next week.

Lockheed appears to be among the first to spot the bug because the Adobe advisory credits the company's computer emergency response team with reporting the issue to Adobe.

The defense contractor regularly identifies and blocks malware attempting to exploit bugs in Reader and other applications, Jennifer Whitlow, a spokeswoman at Lockheed Martin, said in a statement sent to SCMagazineUS.com on Thursday.

“To be clear, there was no breach or intrusion of any kind in this instance,” Whitlow said. “Our systems blocked any access by the adversary, and Lockheed Martin information systems remain secure.”

Lockheed, though, isn't the only organization to be targeted by an exploit that takes advantage of the vulnerability. Security firm Symantec  said attackers leveraged the bug in malicious emails sent on Nov. 1 and 5. The messages attempted to infect computers with the Sykipot trojan, a piece of malware that opens a backdoor on target machines.

The emails, which contained subject lines related to a 2012 contract guide, instructed recipients to open an attached file to view a new guide containing an updated policy for awarding contractors, Stephen Doherty, security response engineer at Symantec, said in a blog post Wednesday. Symantec posted a screen shot of the message, but blurred the name of the target company. 

Independent security researcher Brandon Dixon also discovered a malicious PDF attempting to exploit the flaw. The rigged file was disguised as an employee satisfaction survey for employees of the defense contractor ManTech. 

The bug affects Adobe Reader and Acrobat X (10.1.1) and earlier 10.x versions for Windows and Mac, as well as Adobe Reader and Acrobat 9.4.6, and earlier 9.x versions for Windows, Mac and UNIX. 

Adobe expects to fix the issue sometime next week in Reader and Acrobat version 9. However, because the bug is mitigated by the Protected View functionality, the company plans to wait until Jan. 10 to patch Reader and Acrobat X, its most current version. Jan. 10 is the scheduled date of Adobe's next quarterly security update.

Share this article:

Sign up to our newsletters

More in News

Report: SQL injection a pervasive threat, behavioral analysis needed

Report: SQL injection a pervasive threat, behavioral analysis ...

Long lag times between detection and resolution and reliance on traditional methods impair an organization's ability to combat SQL injection attacks.

WhatsApp bug allows for interception of shared locations

Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.

Google tweaks its terms of service for clarity on Gmail scanning

The company is currently dealing with a lawsuit that challenges its email scanning practices.