- dotTech - http://dottech.org -
Adobe Reader is hit with new zero-day attack, avoid immediately to stay safe
Posted by Enrique Manalang on February 14, 2013 @ 1:59 AM in Windows
Adobe Reader, Adobe’s popular PDF viewer, has a flaw that is allowing hackers to install malware on users’ computers. The exploit affects the latest version of the program (11.0.1), as well as earlier versions. The attack appears to affect Windows only.
Adobe engineers have tried to make malware attacks harder to carry out on their software by implementing a sandboxing technique, but this new attack bypasses those defenses. Researcher Yichong Lin, from security firm FireEye, explains in detail how the attack is carried out:
“Upon successful exploitation, it will drop two DLLs. The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the callback component, which talks to a remote domain.”
Researchers from Kaspersky Lab have added that the exploit escapes the Adobe sandbox, making it the first attack out there in the wild to do so and, in the process, endangering the more sensitive parts of the infected computer.
It is noted that no in-the-wild attacks exploiting this vulnerability have been seen yet, but FireEye is warning Reader users to “not open any unknown PDF files.” Better yet, maybe it’s best to play it safe and uninstall Adobe Reader, and look here for an alternative suggested by our awesome readers.
[via Ars Technica]
URL to article: http://dottech.org/97090/adobe-reader-is-hit-with-new-zero-day-attack-avoid-immediately-to-stay-safe/
URLs in this post:
 look here for an alternative suggested by our awesome readers: http://dottech.org/96878/windows-best-free-pdf-reader-program-review/
 Ars Technica: http://arstechnica.com/security/2013/02/zero-day-attack-exploits-latest-version-of-adobe-reader/