INSECURITY EXPERTS claim to have uncovered attacks in the wild in which malicious Acrobat PDF files are exploiting a vulnerability in Flash and dropping a Trojan onto computers.
Symantec has warned that any software that uses Flash could be vulnerable to the attack. This means that Adobe Reader is also vulnerable because its Flash interpreter is targeted, too.
Adobe has admitted that it is aware of reports of a potential vulnerability in Adobe Reader and Acrobat 9.1.2 and Adobe Flash Player 9 and 10. It is planning an update soon, it said.
However Adobe has recently been slammed for not updating its download site which means that those who update their Adobe Acrobat readers and Flash software will be vulnerable until the software updates itself.
Writing in his bog, Patrick Fitzgerald said that the authors of the exploit have managed to take a bug and turn it into a reliable exploit using a heap spray technique.
Basically an attacker would entice a user to visit a malicious website or send a malicious PDF via email.
Once the unsuspecting user visits the website or opens the PDF this exploit will allow further malware to be dropped onto the victim's machine.
The malicious PDF files are detected as Trojan.Pidief.G and the dropped files as Trojan Horse.
The bug has been around since December but the exploit first appeared two weeks ago.
The hole is exploitable on Windows XP and Vista users are protected if User Account Control (UAC) is enabled, Symantec said.
The only cure seems to be to disable Flash until the problem is fixed. But we don't imagine most users will be doing that. µ
Home, Home on the strange
Team Red is prepping Navi for the budget GPU arena
Early-adopters beta be careful
China back in your hands