Feeds

Military contractor warns of new Adobe Reader exploit

Attacks already under way

Next gen security for virtualised datacentres

Attackers are exploiting a vulnerability in the latest versions of Adobe Reader and Acrobat applications to hijack computers running Microsoft Windows, Adobe warned on Tuesday.

The vulnerability, which corrupts memory involved with the U3D, or Universal 3D, file format, was reported by members of Lockheed Martin's computer incident response team and the Defense Security Information Exchange. Both groups monitor security threats affecting military contractors and organizations. Adobe's advisory said the bug is reportedly “being actively exploited in limited, targeted attacks in the wild,” but didn't elaborate.

While attackers are exploiting only Reader 9.x on Windows, all supported versions of Adobe Reader and Acrobat are vulnerable.

Adobe will ship an emergency update no later than the end of next week for Reader 9.x and Acrobat 9.x. Remaining updates for Reader X and Acrobat X, and versions that run on the OS X and UNIX operating systems will be delivered on January 10, the date of Adobe's next scheduled patch release. Brad Arkin, Adobe's senior director of product security and privacy, said a security sandbox built into Reader X prevented attacks from executing malicious code, and that versions written for non-Windows systems aren't being targeted.

“Focusing this release on just Adobe Reader and Acrobat 9.x for Windows also allows us to ship the update much earlier,” he wrote in a blog post. “We are conscious of the upcoming holidays and are working to get this patch out as soon as possible to allow time to deploy the update before users and staff begin time off. Ultimately the decision comes down to what we can do to best mitigate threats to our customers.”

The phrase “limited, targeted attacks in the wild” has often been used to describe exploits directed at military contractors and other companies known to possess information that's critical to national security. An attack that extracted sensitive information about RSA SecurID authentication tokens used by 40 million employees to access sensitive corporate and government networks relied on Adobe Flash code embedded in a Microsoft Excel document. Security reporter Brian Krebs recently reported that as many as 100 Fortune 500 companies may have been hit in the same attack.

Over the past year, Adobe has made significant improvements to the security of its software. Key among them is the sandbox it added to the latest version of Reader for Windows. It separates application functions from sensitive parts of the operating system, such as reading and writing to the hard drive. Adobe's ability to more quickly patch vulnerabilities under attack also appears to have improved.

But the current rash of exploits, however small and targeted, shows the continuing risks that come from running the software. With a plethora of document readers available, it's a good idea to switch to one that's less targeted. Windows users who must use the application should immediately switch to Reader X to avail themselves of the huge investment Adobe developers put into it. ®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New twist as rogue antivirus enters death throes
That's not the website you're looking for
ISIS terror fanatics invade Diaspora after Twitter blockade
Nothing we can do to stop them, says decentralized network
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.