Researchers Uncover Dangerous Adobe Reader Zero-Day Flaw


Security researchers have detected a dangerous Adobe Reader zero-day vulnerability being actively exploited in a series of targeted attacks.

Researchers at Milpitas, Calif-based antimalware company FireEye discovered the zero-day flaw and say they have submitted it to the Adobe security team. Details are scarce about the nature of the vulnerability, but in a blog post, FireEye warned users to avoid opening any unknown PDF files until the issue is addressed.

The zero-day vulnerability is in Adobe PDF Reader 9.5.3, 10.1.5, 11.0.1 and earlier versions, according to FireEye. The two-pronged attack detected by the firm contains a message and a communication mechanism to a remote server, the firm said in a blog entry.

[Related: Adobe Update For Acrobat, Reader Repairs 26 Flaws]

"The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks," FireEye wrote. "The second DLL in turn drops the callback component, which talks to a remote domain."

An Adobe spokesperson said the company is investigating the issue. "We will provide an update as soon as we have more information," the company said.

Adobe has been busy addressing Flash Player vulnerabilities. The company issued a security update Tuesday, addressing 17 vulnerabilities in the ubiquitous browser component.

It was the second security update issued in less than a week. The software maker issued an emergency update Feb. 7, addressing two zero-day flaws in Flash Player.

PUBLISHED FEB. 13, 2013