Adobe Reader and Acrobat flaws open way for further document attacks.
A string of vulnerabilities in
Adobe
‘s PDF viewing and editing software, disclosed late last week by
Adobe
and
iDefense
, have been exploited by malicious attacks using PDF files to launch malware.
The flaws, which include several buffer overflows, a library path vulnerability and a JavaScript handling issue, were unveiled last Thursday after
Adobe
released updated versions patching them, having been informed of the dangers by researchers at
iDefense
. Over the weekend documents using the vulnerabilities to launch malicious code were observed in the wild.
Trojans inserted into PDF files are likely to be distributed via email and on compromised websites, and while some software may detect such attacks using the same identification as a
previous wave
of PDF exploits,
Symantec
at least has dubbed the latest series of attacks ‘Trojan.Zonebac’.
Users of
Adobe
software are advised to upgrade to the latest version to minimise exposure. An alert on the update is at
Adobe
here
, with details of the vulnerabilities at
iDefense
here
,
here
and
here
. A
Secunia
summary, labelling the flaws ‘highly critical’, is
here
, and a blog posting from
Symantec
on the attacks exploiting the vulnerabilities is
here
. More information on in-the-wild attacks using the exploit is at
SANS
here
.
Posted on 11 February 2008 by
Virus Bulletin
Leave a Reply