Critical security hole in Adobe Acrobat PDF readers

Filed Under: Adobe, PDF, Vulnerability

Adobe Acrobat PDF folder
Adobe has issued a security alert after a critical zero-day vulnerability was discovered in their popular PDF reading program which could allow hackers to take control of computers.

In a security bulletin issued yesterday, Adobe warned that the security hole would not be patched until 11th March.

The risk is that hackers could deliberately construct a malformed PDF file that would trigger the vulnerability, allowing them to open a backdoor and run malicious code on your computer. This would mean that criminals could, for instance, spam out a PDF file that would infect your PC, or plant malicious PDF content on a website.

As PDF files are so widely used on the internet, and regularly exchanged to share information, there is an obvious concern that hackers may be quick to take advantage of this vulnerability.

Sophos is investigating the vulnerability and reports that exploit code has already been written.

Update: Fraser Howard of SophosLabs has blogged confirming the existence of a malicious PDF which exploits this vulnerability in order to install a Trojan horse onto innocent users' computers. Sophos proactively detects the PDF as Mal/JSShell-B.

Fraser has also provided information about the workarounds that can be used alongside up-to-date anti-virus software to protect your computers while you are waiting for a patch from Adobe.

Further update:Fraser has gone on to blog about how Sophos can protect against the vulnerability with our behavioural buffer overflow protection. Very cool.

, ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.