Vulnerability in Adobe Acrobat leads to public exploit

Share this article:
Updated Tuesday, June 24 at 4:07 p.m. EST

Adobe has updated its Reader and Acrobat products to shore up a major vulnerability that already is being exploited in the wild, the company said.

An Adobe advisory said the "critical" vulnerability, spotted in Reader and Acrobat 8.1.2 and earlier versions, is related to an unspecified JavaScript input validation issue. If exploited, the bug could permit remote code execution.

Andrew Storms, director of security operations at vendor nCircle, said on Tuesday that Adobe this year already has patched at least one other Acrobat flaw related to a JavaScript error.

"It would appear that Adobe has an epidemic with regard to JavaScript," he told SCMagazineUS.com in an email. "One begins to wonder just how many more are yet to be found. We may be witnessing an interesting twist. It appears that Microsoft Word might be on the track to be more secure, while Adobe Acrobat is going in the opposite direction."

An Adobe spokesman did not disagree but downplayed any outbreak.

"It's true that some recent vulnerabilities with Adobe Reader have been associated with JavaScript," the spokesman said. "Vulnerabilities often follow trends as security researchers gravitate to certain areas, and that is likely what we're seeing here. As always, we take the security of our products and technologies seriously, and continue to invest a considerable amount of ongoing effort to ensure users are protected."

Storms said Adobe released few details about this latest vulnerability, probably to ward off the potential for further exploits. Adobe said in its advisory that is has received reports of exploits appearing in the wild.

Jason Lam, a senior security analyst at a Canada-based financial institution and a handler for the SANS Internet Storm Center, warned of an uptick in compromised websites being used to distribute the exploit.

"This is likely to appear in a malware spreading website near you soon given the track record of the botnet operators," he wrote on the Storm Center's blog. "Suggest [you] update this one as soon as possible."

Adobe Reader and Acrobat versions 7.1.0 are not affected.

Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.