Adobe Warns: New Exploit Poisons PDFs, Dangerous

Dennis Faas's picture

Security researchers have discovered a new PDF (portable document format) exploit in Adobe Reader and Acrobat they think could allow a hacker to remotely take over a system. In fact, the threat is so serious at least one expert has called the vulnerability "scary."

Adobe has acknowledged the flaw exists and could soon be exploited. In a statement, the company noted that the hole could be used to "cause a crash and potentially allow an attacker to take control of the affected system." (Source: adobe.com)

Hackers Trick Users Into Opening Infected PDF

Mac, Unix and Windows users are all affected by a bug that has targeted Adobe Reader 9.3.4 and Adobe Acrobat 9.3.4. It's suspected that most earlier versions of these two programs are also vulnerable.

While Adobe did admit the problem existed, the company stopped short of providing details about the exploit.

Instead, a much better description is coming from security company Secunia, which recently noted that the issue is related to "a boundary error within the font parsing in CoolType.dll and can be exploited to cause a stack-based buffer overflow by... tricking a user into opening a specially crafted PDF file." (Source: eweek.com)

Most troubling: not even security experts know of a way to help users affected by the flaw. "Unfortunately, there are no mitigations we can offer," Secunia told tech blog, eWEEK. (Source: computerworld.com)

Users Advised to be Vigilant with Emails and Files

The best advice available right now: don't open emails or files sent by strangers, and always keep your anti-virus software and operating system up to date.

"Adobe is actively sharing information about this vulnerability (and vulnerabilities in general) with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available," said a Secunia representative. (Source: zdnet.com)

Adobe hasn't yet announced when a patch targeting this issue will become available.

| Tags:
Rate this article: 
No votes yet