Adobe Acrobat/Reader Flaw Being Exploited

The Internet Storm Center at the SANS Institute has posted a diary entry about a newly discovered security vulnerability in Adobe’s Reader and Acrobat software, which is apparently being actively exploited.  Adobe has issued a Security Advisory, but they have not provided much in the way of details so far.  The flaw is apparently triggered by a maliciously-crafted PDF file; so far, it has been seen as an attachment to a phishing E-mail, hawking a method to improve your golf score: “David Leadbetter’s One Point Lesson”.   This particular example of the exploit apparently causes Acrobat or Reader to crash, and then opens a dummy file.  The vulnerability apparently exists on all versions of the software, including 9.3.4, the most current, on all platforms (MAC OS X, Windows, and UNIX/Linux).

Adobe says they are “evaluating the schedule for an update to resolve this vulnerability”.   The only mitigation step I’m aware of now is one that should be standard procedure: don’t open PDF files from untrusted sources.  I don’t know enough about the exploit to know whether disabling JavaScript (under Edit / Preferences from the main menu) will help, but it probably can’t hurt.   At present, only a minority of anti-virus programs appear to be able to detect this exploit.

I will post updated information here as I learn of it.

One Response to Adobe Acrobat/Reader Flaw Being Exploited

  1. […] this attack, and the outstanding security flaw in Adobe’s Acrobat and Reader, it is a Very Bad Idea to open anything in E-mail that appears […]

%d bloggers like this: