Hackers target unpatched Adobe flaw

By

PDF vulnerability being exploited ahead of update.

Security experts are warning that an unpatched Adobe PDF vulnerability due to be fixed in the vendor's upcoming 12 January quarterly security update is actively being exploited in the wild.

The flaw in Acrobat and Reader software, which was first discovered in mid-December, could allow a hacker to cause a system crash and potentially take control of an affected PC.

Despite reports at the time that the flaw was actively being exploited, Adobe's director of product security and privacy, Brad Arkin, explained that the firm would not be working on a fix prior to the 12 January quarterly update because it could "negatively impact the timing of the next quarterly security update".

However, hackers appear to be stepping up their activities. A posting on security vendor Trend Micro's blog today said that a new PDF sample exploiting the same unpatched vulnerability in Acrobat and Reader has been spotted in the wild.

"The sample (detected by Trend Micro as TROJ_PIDIEF.WIA) uses the heap spray technique to execute shellcode in its stream. As a result, a malicious file detected as BKDR_POISON.UC is dropped into the system," the blog noted.

"When executed, BKDR_POISON.UC opens an instance of Internet Explorer and connects to a remote site, cecon.{BLOCKED}-show.org. Once connected, a malicious user may execute any command on the affected system."

Until 12 January, Adobe is recommending customers to either disable JavaScript in Reader and Acrobat or, for those running versions 9.2 or 8.1.7, to use the JavaScript Blacklist Framework.

Hackers target unpatched Adobe flaw
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Log In

  |  Forgot your password?