Adobe has updated its Reader and Acrobat products to shore up a major vulnerability that already is being exploited in the wild, the company said.
An Adobe spokesman did not disagree but downplayed any outbreak.
Storms said Adobe released few details about this latest vulnerability, probably to ward off the potential for further exploits. Adobe said in its advisory that is has received reports of exploits appearing in the wild.
Jason Lam, a senior security analyst at a Canada-based financial institution and a handler for the SANS Internet Storm Center, warned of an uptick in compromised websites being used to distribute the exploit.
"This is likely to appear in a malware spreading website near you soon
given the track record of the botnet operators," he wrote on the Storm Center's blog. "Suggest [you] update this one
as soon as possible."
Adobe Reader and Acrobat versions 7.1.0 are not affected.
See original article on scmagazineus.com
Vulnerability in Adobe Acrobat leads to public exploit
By Dan Kaplan on Jun 25, 2008 9:51AM