Wednesday, April 26, 2017
Home / Security / Exploits / New Adobe Reader & Acrobat Zero-Day

New Adobe Reader & Acrobat Zero-Day

Adobe published an advisory yesterday proposing a manual mitigation for zero-day exposures in its Reader and Acrobat products that are being exploited in the wild.

The exploit is the first sandbox escape in Adobe Reader X and above.  FireEye, a security research company, which reported the exposure to Adobe on Tuesday, has issued additional details about the exploit calling it Trojan.666 based upon the name of an image base found in the attack.

Adobe said it is working on an emergency patch for the popular document reader. In the meantime, it urges users to enable the product’s Protected View feature, which is off by default.

Adobe mentioned there are two vulnerabilities (CVE-2013-0640 and CVE-2013-0641) involving Adobe Reader and Acrobat XI (11.0.01 and earlier), X (10.1.5 and earlier) and 9.5.3 and earlier for Windows and Mac OS X systems. Active exploits are applying malevolent PDFs attached to phishing messages aiming to be a travel visa application called Visaform Turkey.pdf.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …