Vulnerability in Adobe Acrobat leads to public exploit

Share this article:
Updated Tuesday, June 24 at 4:07 p.m. EST

Adobe has updated its Reader and Acrobat products to shore up a major vulnerability that already is being exploited in the wild, the company said.

An Adobe advisory said the "critical" vulnerability, spotted in Reader and Acrobat 8.1.2 and earlier versions, is related to an unspecified JavaScript input validation issue. If exploited, the bug could permit remote code execution.

Andrew Storms, director of security operations at vendor nCircle, said on Tuesday that Adobe this year already has patched at least one other Acrobat flaw related to a JavaScript error.

"It would appear that Adobe has an epidemic with regard to JavaScript," he told SCMagazineUS.com in an email. "One begins to wonder just how many more are yet to be found. We may be witnessing an interesting twist. It appears that Microsoft Word might be on the track to be more secure, while Adobe Acrobat is going in the opposite direction."

An Adobe spokesman did not disagree but downplayed any outbreak.

"It's true that some recent vulnerabilities with Adobe Reader have been associated with JavaScript," the spokesman said. "Vulnerabilities often follow trends as security researchers gravitate to certain areas, and that is likely what we're seeing here. As always, we take the security of our products and technologies seriously, and continue to invest a considerable amount of ongoing effort to ensure users are protected."

Storms said Adobe released few details about this latest vulnerability, probably to ward off the potential for further exploits. Adobe said in its advisory that is has received reports of exploits appearing in the wild.

Jason Lam, a senior security analyst at a Canada-based financial institution and a handler for the SANS Internet Storm Center, warned of an uptick in compromised websites being used to distribute the exploit.

"This is likely to appear in a malware spreading website near you soon given the track record of the botnet operators," he wrote on the Storm Center's blog. "Suggest [you] update this one as soon as possible."

Adobe Reader and Acrobat versions 7.1.0 are not affected.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

EPIC: driver data shared via V2V technology needs protection

The groups shared comments on V2V communications with the National Highway Traffic Safety Administration.

Researchers observe recently patched Adobe bug added to exploit kits

Researchers have indicated that a recently patched integer overflow in Adobe Flash Player has been added to exploit kits.

SEDNIT malware delivered in 'Operation Pawn Storm'

SEDNIT malware delivered in 'Operation Pawn Storm'

Military, governments and media from around the world are targets in a campaign identified by Trend Micro.