[ISN] Zero-day attack reportedly pierces key Adobe Reader defense
By Dan Goodin
Nov 7 2012
Adobe officials say they're investigating claims of a recent attack. A
newly published report claims the latest versions of the widely used
Reader document viewer are under attack by exploit code that targets a
previously unknown vulnerability.
The particular exploit is available in underground forums for as much as
$50,000. It's significant because it pierces a security sandbox that
until now has proved impervious to other online attacks, KrebsonSecurity
journalist Brian Krebs reported on Wednesday. The security mechanism is
designed to minimize the damage of attacks that exploit buffer overflows
and other types of software bugs by isolating Web content from sensitive
parts of the underlying operating system.
The vulnerability affects both Reader X and its recently introduced
successor, Reader XI. And it's already incorporated into a custom
version of the Blackhole Exploit Kit, according to Krebs. The reporter
wrote that the developer behind Blackhole said he is hoping to add the
exploit to the main version of the kit soon. Criminal hackers fold
Blackhole into already hacked websites to give them the ability to
exploit a wide variety of vulnerabilities when end users visit the
Krebs's report cited a researcher with Moscow-based forensics firm
In an e-mail to Ars, an Adobe spokeswoman wrote: "We saw the
announcement from Group IB, but we haven't seen or received any details.
Adobe [Product Security Incident Response Team] has reached out to
Group-IB, but we have not yet heard back. Without additional details,
there is nothing we can do, unfortunately—beyond continuing to monitor
the threat landscape and working with our partners in the security
community, as always."