The flaw in Adobe Reader - which also affects some versions of Adobe Acrobat - allows an attacker to completely control a system.
Adobe's popular Reader PDF viewer has come under attack once again as ne'er-do-wells target an exploit in its JavaScript handling.
According to an article over on CNet, the exploit - which is being described as a 0-day attack targeting both the latest version of Adobe Reader as well as Adobe Acrobat 9.1.3 and earlier - is being actively used in the wild, and is capable of affecting systems based on any version of Windows from 98 up to Windows Server 2003 - with the exception of Windows Vista and the as-yet unreleased Windows 7.
The vulnerability, spotted by anti-virus firm Trend Micro, has been labeled Troj_Pidief.Uo, and uses the JavaScript-based malware package Js_Agent.Dt to drop a backdoor application dubbed Bkdr_Protux.bd - giving the attacker full control over the system.
Although Adobe has written a patch which addresses the targeted issue, the company has stated it is holding back its release until tomorrow - to coincide with Microsoft's traditional Patch Tuesday monthly release cycle and give system administrators an easier time of things. However, this does leave systems vulnerable for an extra day.
This isn't the first time that JavaScript flaws have proven problematic for Adobe's popular PDF programs: back in April the company admitted that its products were the victim of another 0-day vulnerability, which itself echoed an attack from February of the same year. Another JavaScript vulnerability was discovered in June of last year, just one month after Adobe updated its Flash player package to protect against another scripting vulnerability.
For now, the work-around for the issue remains the same as always - disable JavaScript processing via the Preferences menu.
Are you surprised to see Adobe fall victim to yet another JavaScript-based attack, or will this sort of thing keep happening until the company completely redesigns its JavaScript engine from the ground up? Share your thoughts over in the forums.
11 Comments
quite easy if you ask me cause there are programs already that will do it or just simply stop the program from connecting to the internet
Well, Win7 isn't out yet so there's no point in wasting time making sure the exploit works with it. Plus, I'd guess that the user base for XP is still higher than Vista. I know plenty of people who still run XP whilst waiting for Win7. Hell, I know a few people that recently bought new machines with Vista pre-installed, only to wipe the HDD and install a pirate copy of XP!
I install legal versions of xp on quite a few people's laptops and desktops, from vista factory images. A lot of people seem to still think Vista is full of bugs, and the interface and settings have changed so much that they also feel lost and confused when trying to do anything in it.
As to the Adobe problem, maybe we'll get (un)-lucky(?) and M$ will use this as launchpad to replace Java with a platform of their own?
It amazes me how often there are 0-day exploits for acrobat - usually concerning some extra stuff they bundle with the reader like javascript or something. They should at least warn users that the PDF is attempting to execute code, rather than blindly trusting that the PDF is non-malicious.
Programming and development are not in my skill set, yet. Thanks for clearing that up.
Anyone know if the same vulnerabilities exist in the foxit reader?
I also know that in the past, some exploits affecting Adobe's PDF viewer have affected Foxit too.
Bottom line is, why are PDF viewers trying to run code at all?
They are meant to be simple viewers.
They used to be less than a meg to download and now they're huge.
I think Adobe's PDF viewer is the very epitome of bloatware and everyone's security is the resultant victim. :(
Is Foxit PDF Reader also affected though or is this purely an Adobe issue?
I have steadily moved away from Commercial Software and now use mostly open source software with the exception of Windows (for Games) at least until one of the *nix distros and software developers better support games and apps. I also still use Photoshop for the time being, at least until I can get to grips with using Gimp.