Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

New Vulnerability in Adobe Reader Discovered

Researchers at Group-IB have discovered a new vulnerability in Adobe Reader that is being sold on criminal forums. The moderate price, $30,000 – $50,000, likely reflects some of the limitations the vulnerability has to cope with.

According to Group-IB’s initial disclosure, the vulnerability is being sold to a limited circle of criminals, and has already been added to custom versions of the Blackhole Exploit Kit.

Researchers at Group-IB have discovered a new vulnerability in Adobe Reader that is being sold on criminal forums. The moderate price, $30,000 – $50,000, likely reflects some of the limitations the vulnerability has to cope with.

According to Group-IB’s initial disclosure, the vulnerability is being sold to a limited circle of criminals, and has already been added to custom versions of the Blackhole Exploit Kit.

“The vulnerability has some limitations, for example it could be successfully exploited only after the user will close the browser and restart it. Another variant is to organize interaction between the victim and the malformed PDF-document,” explained Andrey Komarov, the Head of International Projects Department of Group-IB

“Either way, the vulnerability is has very significant vector to be spread with bypassing of internal Adobe X sandbox, which is appealing for cybercrime gangs because in the past there was no documented method of how to bypass it with shellcode execution.”

A video showing the vulnerability in action can be seen below.

Adobe is aware of the vulnerability, thanks to members of the media bringing it to their attention, but the company hasn’t outlined any plans for a fix, and they’ve made no further comment on the issue.

“Right now, this exploit isn’t a wide-spread threat to most consumers; however, it could be a concern to large organizations and government agencies that are susceptible to highly targeted attacks that frequently use exclusive 0day exploits,” said Rapid7’s Marcus Carey.

Just yesterday, Adobe pushed a number of patches for Flash Player.

Advertisement. Scroll to continue reading.

According to a recent report from Kaspersky Lab, after Java, software from Adobe is still a major target for criminals. Kaspersky’s Q3 2012 Threat Report shows that nearly 30% of all third-party exploits target Adobe software.

The upside to all of this is that Adobe has gotten better at releasing patches, and the window of opportunity for new flaws has started to shrink thanks to their efforts.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.