The flaw allows a potential attacker to remotely execute arbitrary code.
Zero day vulnerability was discovered in the popular software Adobe Reader, allows you to execute arbitrary code on the target system. This in his report the researchers reported FireEye, who happened to encounter with an infected PDF-document capable of compromising computers based on Windows.
When trying to open a malicious file, is running two dll-libraries, one of which is designed to conceal the fact of infection. It gives the user an error message while working on a document. Second library contains a component that provides for the connection to the remote server attacks.
According to FireEye, vulnerable to this attack were such versions of Adobe Reader, as 9.5.3, 10.1.5 and 11.0.1. Older versions may also be exposed to the threat. Currently, researchers have already submitted details of the detected flaws developers.
At Adobe, in turn, confirms that the company has reviewed the report and is working on a fix. The experts also noted that for security purposes to view PDF-documents should be used only Acrobat Reader.