Adobe Zero Days Under Attack

Monday, February 18, 2013 @ 05:02 PM gHale

It doesn’t take long. Adobe PDF Reader and Flash Player Fresh vulnerabilities are now suffering from exploitation.

There is a PDF Zero Day being exploited, said researchers from FireEye who found successful exploitation on the Adobe PDF Reader versions 9.5.3, 10.1.5, and 11.0.1.

Adobe Mitigation Plan for Zero Day
Adobe Patches Two Zero Days
Trojan a Work of ‘Poetry’
Ransomware Encrypts Data

“Upon successful exploitation, it will drop two DLLs,” the researchers said. “The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the callback component, which talks to a remote domain.

“We have already submitted the sample to the Adobe security team. Before we get confirmation from Adobe and a mitigation plan is available, we suggest that you not open any unknown PDF files.”

In addition, Kaspersky Labs identified a Zero Day vulnerability in Adobe Flash Player (CVE-2013-0633) actively exploited in targeted attacks. This impacts Windows, Mac OS X and Linux operating systems, as well as a number of earlier versions of Android.

“The vulnerability was being used in a series of targeted attacks that were designed to trick victims into opening a spear-phishing email with a Microsoft Word document, which contained malicious Flash (SWF) content,” Kaspersky researchers said. “The majority of attacks analyzed by Kaspersky Lab were targeted against human rights activists and political dissidents from Africa and the Middle East.”

Adobe released a security update for this issue, saying it was aware of reports of this vulnerability undergoing exploitation in the wild.

Leave a Reply

You must be logged in to post a comment.