New Adobe Reader Zero-Day Identified, Versions 9.5.3, 10.1.5 and 11.0.1 Affected

FireEye researchers are the ones who have discovered the new vulnerability

By Eduard Kovacs on February 13th, 2013 12:04 GMT

Security researchers from FireEye have identified a new zero-day vulnerability in Adobe Reader and Adobe Acrobat. The experts say that versions 9.5.3, 10.1.5 and 11.0.1 are affected.

The attacks rely on cleverly crafted PDF documents. When the PDF file is opened, two DLLs are dropped.

One of them shows a fake error message and opens a decoy document, while the other one drops the callback component that’s in charge of communicating with a remote domain.

Adobe has been notified of these attacks and the company has launched an investigation into the matter.

“Adobe is aware of a report of a vulnerability in Adobe Reader and Acrobat XI (11.0.1) and earlier versions being exploited in the wild. We are currently investigating this report and assessing the risk to our customers,” Adobe noted.
Adobe is investigating a new Reader zero-day
   Adobe is investigating a new Reader zero-day
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments