A trojan horse virus affecting Adobe Reader and Acrobat can allow a hacker to crash and take control of the infected system.
Adobe has announced that a zero-day exploit, existing in Flash 10.0.45.2 and earlier, as well as Adobe Reader and Acrobat 9.x, is on the loose.
The trojan horse can “cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat,” explained Adobe.
The good news is that the attacks are narrowly-focused rather than widespread efforts and uses simple ‘lure’ methods to spread the virus.
Ben Greenbaum, senior research manager for Symantec Security Response, explains “The e-mails Symantec has seen thus far use fairly standard social engineering to try and lure users to open up a malicious PDF file, which Symantec detects as Trojan.Pidief.H. Symantec has an antivirus detection signature for this threat.”
Source: Adobe, Computer World