In Adobe Reader has been discovered zero-day vulnerability

Posted: February 14, 2013 in Security Notices, Vulnerability News
Tags: , , , ,

Adobe Logo

Vulnerabilities in Adobe Reader

The flaw allows a potential attacker to remotely execute arbitrary code.

Zero day vulnerability was discovered in the popular software Adobe Reader, allows you to execute arbitrary code on the target system. This in his report the researchers reported FireEye, who happened to encounter with an infected PDF-document capable of compromising computers based on Windows.

When trying to open a malicious file, is running two dll-libraries, one of which is designed to conceal the fact of infection. It gives the user an error message while working on a document. Second library contains a component that provides for the connection to the remote server attacks.

According to FireEye, vulnerable to this attack were such versions of Adobe Reader, as 9.5.3, 10.1.5 and 11.0.1. Older versions may also be exposed to the threat. Currently, researchers have already submitted details of the detected flaws developers.

At Adobe, in turn, confirms that the company has reviewed the report and is working on a fix. The experts also noted that for security purposes to view PDF-documents should be used only Acrobat Reader.

Link: http://blogs.adobe.com/psirt/2013/02/adobe-reader-and-acrobat-vulnerability-report.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s