Hackers exploit zero day vulnerability in Adobe Reader and Acrobat

By Lee Kaelin on December 7, 2011, 9:30 AM

Adobe confirmed yesterday that its Adobe Reader software contains a zero-day vulnerability, crediting the security team at Lockheed Martin, which itself was a victim of an attack through the exploit, and members of the Defense Security Information Exchange for discovering and reporting the bug.

It appears defence contractors are being specifically targeted in this case. Adobe confirmed that the flaw is "being actively exploited in limited, targeted attacks," although no further details were provided.

The company issued a critical security advisory and confirmed the flaw affects multiple operating systems and various versions of its software, though using the latest release in Protected Mode or Protective View reportedly prevents the vulnerability from being exploited.

"This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system," Adobe said in its security advisory. The affected software and operating systems are:

• Reader X 10.1.1 and earlier 10.x versions for Windows and Apple OS X
• Reader 9.4.6 and earlier 9.x versions for Windows, Apple OS X and Unix
• Acrobat X 10.1.1 and earlier 10.x versions for Windows and Apple OS X
• Acrobat 9.4.6 and earlier 9.x versions for Windows and Apple OS X

Adobe was also keen to point out its Reader for Android and Adobe Flash player are not affected.  The firm plans to update Windows versions of its 9.x software by no later than the week ending December 12. All other affected versions will receive a patch by January 10, 2012. 

Those using Adobe's Reader X and Acrobat X versions are advised to either avoid opening unknown files or use protected mode or protected to access them if necessary until the patch is available in the New Year.

The company was recently in the news at the beginning of November after revealing its shock decision to terminate further development of Flash for mobile browsers. Instead, it will focus solely on HTML5 and other web technologies.




User Comments: 7

Got something to say? Post a comment
Cota Cota said:

This is where interactive firewalls come handy:

*Nod32 traffic window appears whit an unknown incoming communication*

*Clicks Remember action, remember IP and Denny button*

Guest said:

I have never been crazy about Adobe in general but they really need to fix and make their products more secure. Why does a .PDF READER need to write stuff anyhow?

Eddo22 said:

I ditched adobe reader years ago. Foxit is where .PDF reading is at.

tehbanz tehbanz said:

Eddo22 said:

I ditched adobe reader years ago. Foxit is where .PDF reading is at.

seconded!

treetops treetops said:

hmm i need to get rid of adobe its been the focus of hackers off and on since its inception, mines been acting funny lately

TJGeezer said:

tehbanz said:

Eddo22 said:

I ditched adobe reader years ago. Foxit is where .PDF reading is at.

seconded!

You're right. Foxit is fast, small and very capable. Plus it doesn't watermark PDFs when printing, unlike some Acrobat alternatives. And I've never seen it crash, unlike Acrobat.

Guest said:

using alternatives does not mean your completely clear of vulnerbilities but that the vulneerbilities in that alternative product has not yet been publicly discovered.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.