Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Adobe: Patch Coming For Exploit Used Against Defense Firms

Adobe Systems plans to release a patch Friday to close an Adobe Reader and Acrobat security hole at the center of an attack campaign on the defense industry.

Adobe Systems plans to release a patch Friday to close an Adobe Reader and Acrobat security hole at the center of an attack campaign on the defense industry.

The patch for CVE-2011-2462 will fix the issue for Adobe Reader and Acrobat 9.x versions on Windows. The bug – which actually affects multiple versions of Reader and Acrobat across Windows, Mac and UNIX – rests in the U3D component of the software programs. If exploited, an attacker could use the bug to execute arbitrary code or cause a denial-of-service condition.

In addition to Reader and Acrobat 9.x on Windows, the bug also exists in Reader and Acrobat 10.1.1 and earlier on Windows and Macs and Reader 9.x through 9.4.6 on UNIX.

“As stated before, because Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X and Acrobat X for Windows with the next quarterly security update for Adobe Reader and Acrobat, currently scheduled for January 10, 2012,” blogged Wendy Poland, senior security response program manager at Adobe.

The vulnerability was first reported to Adobe by Lockheed Martin CIRT and the Defense Security Information Exchange. According to Symantec, the malicious PDF used in the attacks drops the Sykipot Trojan when it is opened. The companies attacked by the latest wave of Sykipot include not only defense contractors, but also telecommunications, chemical and energy companies.

“The attackers consistently use targeted emails containing either a link or malicious attachment,” blogged Vikram Thakur principal security response manager at Symantec. “In both cases, the attackers either exploit unpatched application flaws (zero-day exploits) or simply leverage known exploit code in the hopes that the targeted computer is running vulnerable software.”

Researchers at McAfee took a deep-dive look at the Adobe exploit here.

Written By

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.