Security experts are warning Adobe customers to be extra vigilant following the discovery of an attack that attempts to exploit a new zero-day vulnerability in Adobe's Reader and Acrobat products.
In a blog posting late yesterday, Symantec's Security Response team said it had received a "tip from a source" that there was a potential zero-day vulnerability in the wild affecting Reader and Acrobat.
"We have indeed confirmed the existence of a 0-day vulnerability in these products," the posting continued.
"The PDF file we discovered arrives as an email attachment. The attack attempts to lure email recipients into opening the attachment. When the file is opened, a malicious file is dropped and run on a fully patched system with either Adobe Reader or Acrobat installed. Symantec products detect the file as Trojan.Pidief.H."
Adobe has since confirmed it has received and is investigating the "reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions".
"We will provide an update as soon as we have more information," read a post on the firm's Product Security Incident Response Team (PSIRT) blog.
New Adobe zero-day threat discovered
By
Phil Muncaster
on Dec 16, 2009 7:00AM
Symantec warns of flaw.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Promoted Content
Why simplicity is the winning formula for CX success
Partner Content
Deadline to enter 2021 IoT Awards extended
Promoted Content
Australian data sovereignty and protection concerns increase
Promoted Content
New report reveals opportunities to address weak security in APAC organisations
Sponsored Whitepapers
10 questions to ask before you select a Network Performance Management tool
Innovate faster. Why accelerating change is a CIO's biggest challenge.
Unlock faster time-to-revenue using Adobe digital document processes
How Security as Code changes development and deployment for the cloud
Tackle new ITSM priorities with this seven-step Micro Focus guide
.jpg&h=271&w=480&c=1&s=1)
