Zero Day Adobe Acrobat Reader Exploit

adobe_logo
PDF Holes

Just a few weeks ago we saw the Conficker worm tear across networks. Now we’ve got reports of a zero day exploit that effect Adobe Reader 8.x and 9.x according to NAI as noted in their blog post http://www.avertlabs.com/research/blog/index.php/2009/02/19/new-backdoor-attacks-using-pdf-documents/. What’s worse is the attack installs a backdoor and montoring into your system, so even after you patch the hole they can still get in to your system. Until the patch is avialbale from Adobe, don’t open any PDFs that you are not sure of. The exploit uses a specially crafted file to deliver the payload. You could also uninstall Adobe acrobat reader and install the Open Source alternative XPDF which I belive does not have the vulnerability.

Be the first to comment

Leave a Reply

Your email address will not be published.


*