Adobe Acrobat Zero-Day Exploit Detailed, affects all Operating Systems

By on June 6, 2010
submit to reddit

A trojan horse virus affecting Adobe Reader and Acrobat can allow a hacker to crash and take control of the infected system.

Adobe has announced that a zero-day exploit, existing in Flash 10.0.45.2 and earlier, as well as Adobe Reader and Acrobat 9.x, is on the loose.

The trojan horse can “cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat,” explained Adobe.

The good news is that the attacks are narrowly-focused rather than widespread efforts and uses simple ‘lure’ methods to spread the virus.

Ben Greenbaum, senior research manager for Symantec Security Response, explains “The e-mails Symantec has seen thus far use fairly standard social engineering to try and lure users to open up a malicious PDF file, which Symantec detects as Trojan.Pidief.H. Symantec has an antivirus detection signature for this threat.”

A primitive method to stop the trojan horse infecting your system is to disable the Javascript in Adobe’s Reader and Acrobat, suggests The Shadowserver Foundation, a volunteer-run group that tracks vulnerabilities.

To disable JavaScript in Adobe Reader or Acrobat on Windows, users must select Preferences from the Edit menu, choose “JavaScript,” then uncheck the “Enable Acrobat JavaScript” option. (On the Mac, Preferences is under the “Adobe Reader” or “Adobe Acrobat” menus.)

Turning off Javascript is one of the only defense against the attack until Adobe patches the problem.

Source: Adobe, Computer World


About

Mufaddal Fakhruddin is the Editor for IGN ME and thinks writing in third person about himself in an about me section is weird.

Comments
Most Read
Most Commented
Competitions
Win two Toshiba AT200 tablets

This festive season Toshiba has 2 tablets to giveaway.

Win an MSI FM2-A85XA-G65 Motherboard

Thanks to MSI we have an great AMD FM2 motherboard to giveaway.

Win a Nokia Asha 311

Thanks to Nokia we have a great entry-level smartphone to giveaway.