Adobe confirms zero-day danger in Reader and Acrobat
December 7, 2011 by Nancy Owano 
(PhysOrg.com) -- Adobe on Tuesday issued a critical security advisory for Adobe Reader and Acrobat. A vulnerability was detected and confirmed in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for UNIX, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. Adobe said the flaw could cause a crash and allow an attacker to take control of the affected system.
The vulnerability is being “actively exploited in limited, targeted attacks in the wild against Adobe Reader 9.x on Windows,” according to the Adobe statement. The goal by attackers is to infect computers with malware. Since it can lead to the execution of arbitrary code, Adobe is categorizing the vulnerability as critical.
Adobe says the flaw affects multiple operating systems and various versions of its software.
• Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and Macintosh
• Adobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh and UNIX
• Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh
• Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows and Macintosh
The Reader for Android and Adobe Flash player are not affected.
Lockheed Martin and members of the Defense Security Information Exchange discovered and reported the flaw to Adobe. Defense contractors are being targeted, suggest reports.
Adobe says it is working on the fix and plans to issue an update for Adobe Reader and Acrobat 9.x for Windows no later than the week of December 12. .Adobe will “address the issue” in .Adobe Reader X and Acrobat X for Windows with the next update for Adobe Reader and Acrobat, and earlier versions of the Mac, scheduled for January 10.
An update to address Adobe Reader 9.x for UNIX is also planned for January 10.
Tracking the latest information on the Adobe incident can be done by accessing the blog at http://blogs.adobe.com/psirt.
Meanwhile, security vendors Sophos reported on Tuesday that more mischief is being added in the form of fake fixes that are pretending to be sent from Adobe. Sophos is warning the public to beware of the phony upgrade notifications. The emails carry a ZIP attachment which has a version of the Zeus Trojan designed to steal banking information. Samples seen so far by Sophos all carry malware in the file "Adobe Systems Software Critical Update Dec 2011.exe" contained within the ZIP.
More information: http://nakedsecuri … re-attached/
© 2011 PhysOrg.com
-
From lemons to lemonade: Reaction uses carbon dioxide to make carbon-based semiconductor,
32 comments
-
Thioridazine kills cancer stem cells in human while avoiding toxic side-effects of conventional cancer treatments,
3 comments
-
SpaceX private rocket blasts off for space station (Update),
42 comments
-
Climate scientists say they have solved riddle of rising sea,
31 comments
-
SpaceX capsule has 'new car' smell, astronauts say (Update),
4 comments
-
Need a rigid insulation material???
21 hours ago
-
magnets or EMF in car bumpers to protect from fender bender
May 26, 2012
-
length of wire in a coil of known dimensions?
May 25, 2012
-
India Engineering Powerhouse
May 25, 2012
-
electromagnet core dereference between hard and soft iron
May 25, 2012
-
Measuring water pressure in an open tank
May 24, 2012
- More from Physics Forums - General Engineering
More news stories
Browser wars flare in mobile space
The browser wars are heating up again, but this time the fight is for dominance of the mobile Internet.
14 hours ago |
5 / 5 (2) |
3
Probability of contamination from severe nuclear reactor accidents is higher than expected: study
Catastrophic nuclear accidents such as the core meltdowns in Chernobyl and Fukushima are more likely to happen than previously assumed. Based on the operating hours of all civil nuclear reactors and the number ...
Technology / Energy & Green Tech
May 22, 2012 |
3.6 / 5 (25) |
56
|
HyperSolar shows dirty water no barrier to power world
(Phys.org) -- The Santa Barbara, California, company, HyperSolar, is set to transparently share the ups and downs of its research experiences toward the company’s ultimate vision, successfully producing ...
Technology / Energy & Green Tech
May 24, 2012 |
4.8 / 5 (16) |
17
|
SpotterRF debuts Radar Backpack Kit (w/ Video)
(Phys.org) -- SpotterRF has announced a special radar backpack kit designed to enhance situational awareness for soldiers on the ground. The company says its special radar is designed for warfighters as part ...
Technology / Hi Tech & Innovation
May 26, 2012 |
5 / 5 (5) |
13
|
Tesla to launch electric sedan in US on June 22
Tesla Motors said Tuesday it would begin deliveries of "the world's first premium electric sedan" on June 22, slightly ahead of schedule.
Technology / Energy & Green Tech
May 22, 2012 |
4.5 / 5 (12) |
18
Stunning image of smallest possible five-ringed structure
Scientists have created and imaged the smallest possible five-ringed structure – about 100,000 times thinner than a human hair – and you'll probably recognise its shape.
'Unzipped' carbon nanotubes could help energize fuel cells, batteries
Multi-walled carbon nanotubes riddled with defects and impurities on the outside could replace some of the expensive platinum catalysts used in fuel cells and metal-air batteries, according to scientists at ...
Change in developmental timing was crucial in the evolutionary shift from dinosaurs to birds: study
At first glance, it's hard to see how a common house sparrow and a Tyrannosaurus Rex might have anything in common. After all, one is a bird that weighs less than an ounce, and the other is a dinosaur that ...
Computer model used to pinpoint prime materials for efficient carbon capture
When power plants begin capturing their carbon emissions to reduce greenhouse gases – and to most in the electric power industry, it's a question of when, not if – it will be an expensive undertaking.
T cells 'hunt' parasites like animal predators seek prey, study shows
By pairing an intimate knowledge of immune-system function with a deep understanding of statistical physics, a cross-disciplinary team at the University of Pennsylvania has arrived at a surprising finding: T cells use a movement ...
Land and sea species differ in climate change response: study
(Phys.org) -- Marine and terrestrial species will likely differ in their responses to climate warming, new research by Simon Fraser University and Australia’s University of Tasmania has found.
