Critical vulnerability found in Adobe Reader

— 10:53 AM on September 21, 2007

Windows users might want to watch out for PDF files of dubious origin, judging by an article at eWeek. The article quotes security analyst Petko D. Petkov as saying Adobe Reader is subject to a zero-day security vulnerability through which an attacker can take over a Windows system. According to Petkov, "All it takes is to open a [maliciously rigged] PDF document or stumble across a page which embeds one." The issue has reportedly been verified on Windows XP Service Pack 2 with Adobe Reader 8.1, but previous versions of Adobe Reader may also be vulnerable.

Considering the prevalence of PDF files and the fact that Adobe Reader is a closed-source product, Petkov says he will not release a proof of concept until the issue is patched. Nonetheless, the problem appears real: eWeek quotes Secure Computing VP of Technology Paul Henry as saying, "The ability to use PDFs to install malware and steal personal information from remote PCs is here." Henry mentions that Petkov has put out five proofs of concept for PDF-related security problems in the past and adds, "[Petkov]'s done a lot of work attaching JavaScript to media files. We have to assume this latest trick involves a change in something with the media files, with JavaScript."

Meanwhile, eWeek says Symantec has issued a warning to customers via its DeepSight Alert Services. The warning talks of an "unspecified vulnerability when handling malicious PDF files" that allows attackers to take over victims' machines.
