Zero Day critical vulnerability in Adobe Reader and Acrobat Reader

A critical vulnerability (CVE-2010-2883) exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and Unix and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.

Currently we have not come across such sample but our lab is constantly monitoring the suspicious PDF files that we receive.

All the posts point towards below facts:

– The vulnerability is reported to be exploited by a malware that is spreading through PDF file.
– The exploit works on Windows XP, Windows Vista and Windows 7 as well.

Precautions:
Avoid opening PDF files that are arriving from new unknown source.

Adobe is aware of this vulnerability and may release a out-of-band update to fix the same.

Visit Adobe Advisory page for more details.

Sanjay Katkar

Sanjay Katkar


No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image