Tuesday, December 15, 2009

Adobe 0-day in the wild

The Shadowserver Foundation has become aware of a new vulnerability affecting Adobe Acrobat [Reader] that is currently unpatched. Several tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable.

We did not discover this vulnerability but have received multiple reports of this issue and have examined multiple different copies of malicious PDFs that exploit this issue. This is legit and is very bad. Adobe PSIRT has made a post on this issue and recommends you continually check their website for additional updates. Hopefully there will be some in the next day or two.

Check shadowserver.org for exploit details

No comments: