Adobe Acrobat Yet Again Under Attack by Zero-Day Bug

Posted 10/09/2009 at 1:59pm | by Paul Lilly

6

Comments

Print

If it seems like Adobe's Acrobat Reader is constantly under attack, well, that's because there's some truth to it. The latest threat comes in the form of another zero-day bug being exploited in targeted attacks, Adobe said.

Not a whole lot of information has been made available on the newest threat, though according to an advisory from VUPEN Security, the vulnerability in question is an unspecified memory corruption error that occurs when users open a specially crafted PDF file. VUPEN says the bug can be exploited remotely.

"Adobe plans to resolve this issue as part of the upcoming Adobe Reader and Acrobat quarterly update, scheduled for release on October 13," blogged David Lenoe of the Adobe Product Security Incident Response Team. "Adobe Reader and Acrobat 9.1.3 customers with DEP (Data Execution Prevention) enabled on Windows Vista will be protected from this exploit."

In the meantime, Johannes Ullrich, a researcher with the SANS Institute, says users can avoid the potential threat by first converting PDFs into another format, like Postscript, and then back into PDF form. At the same time, Ullrich warns this isn't 100 percent certain to remove the exploit and could actually infect the machine mucking around with the file. Fantastic.

Anyone else using Foxit Software's super-lean freebie PDF reader, Foxit Reader?