Researchers expect widespread exploit of Adobe PDF flaw

Share this article:
Attackers are actively exploiting a gaping zero-day hole in versions 9 and earlier of Adobe Acrobat and Reader, the company has warned.

Adobe said Thursday that successful exploitation of the buffer overflow flaw could cause the application to crash and permit and attacker to take control of an affected system. The company said it plans to issue a patch by March 11 for version 9, and updates for versions 7 and 8 are scheduled to arrive soon after.

Researcher Steven Adair of the Shadowserver Foundation, a volunteer internet watchdog, recently tested a sample of the malicious PDF and determined that it relies on JavaScript for execution, according to a blog post he wrote Thursday.

Businesses can avoid infection by disabling JavaScript in Acrobat and Reader products, he said. Regardless, the exploit is likely to spread quickly.

"Right now, we believe these files are only being used in a smaller set of targeted attacks," Adair wrote. "However, these types of attacks are frequently the most damaging and it is only a matter of time before this exploit ends up in every exploit pack on the internet."

Shadowserver founder and director André De Mino told SCMagazineUS.com on Friday that users often are easily tricked into opening PDF files.

"People usually trust them," he said. "So certainly with JavaScript enabled in Acrobat, you can accomplish a lot of exploits."

Adobe said it is working with the major anti-virus providers so they can provide updated signatures for their customers.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.