Adobe Reader, Acrobat security risk investigated

Adobe is investigating reports that hackers exploited previously unknown bugs in its Reader and Acrobat software

By - February 14, 2013
Adobe logo

Adobe Systems Inc is investigating a report by a cybersecurity firm that hackers exploited previously unknown bugs in its Reader and Acrobat software to launch sophisticated attacks on personal computers.

FireEye, a Silicon Valley company that helps businesses fight cyber attacks, told Reuters it obtained so-called PDF files tainted with malicious software, which can take advantage of the newly discovered bugs.

It declined to identify any victims of the attacks.

A spokeswoman for Adobe said that the company is investigating the report, which surfaced late on Tuesday. She declined to elaborate.

This has been a busy year so far for Adobe’s security team. In January, the company pushed out security updates to fix vulnerabilities in Reader, Acrobat and Flash, as well as a program known as ColdFusion that is used to build websites.

Last week, it rushed out a fix for Flash Player after security software maker Kaspersky Lab identified a critical bug that enabled hackers to install “back doors” and take control of PCs running on Microsoft Corp’s Windows operating system or Apple Inc’s Mac OS X.

Adobe’s software has long been a popular target for hackers, who attack PCs by finding bugs in widely used programs that they can then exploit to insert viruses on computers. Experts estimate that Reader and Acrobat programs for accessing PDF documents and Flash Player for accessing Internet content are installed on more than 1 billion PCs.

Hackers exploiting the most recently discovered vulnerability use PDF files to infect PCs, according to FireEye.

When the victim opens the PDF, a visa application form appears onscreen, and a virus installs a covert communications channel with a remote computer known as a “command and control” server, which hackers use to control infected PCs, said Zheng Bu, senior director of research at FireEye.

He said the virus also installs a third malicious file on the infected computer, but declined to elaborate.

Adobe has yet to provide advice on how to protect PCs against attack. FireEye said computer users should avoid opening unfamiliar PDFs, especially when coming from unknown sources.

FireEye said on its blog it has observed attacks on PCs running Adobe Reader 11, the most-recent version of the software, as well as Reader 9 and Reader 10.

Adobe said on its own security blog that the issue also affected Acrobat XI, the current version of the software used to create PDF documents.

(Reporting By Jim Finkle; Editing by Bernard Orr)

More Adobe news

Apple, Microsoft, Adobe to explain high prices to Aussie parliament

Firefox to block Java, Silverlight, Adobe Reader

Adobe releases Game Developers Tools

Share your thoughts

Shutterstock is the image partner of MyBroadband – more technology images

Join the conversation

Connect with Us

androidappletwitterfacebookgoogleplusfeednewsletter

Poll

If South Africa was to have only one capital, which city should it be?

View Results

Loading ... Loading ...

More News

This is how Anonymous hacked over 200 South African websites

Anonymous

Hackers have defaced hundreds of South African websites hosted with Webafrica.

Fastest broadband speed: 1.125Tbps

Fibre internet cable

A new record for the fastest ever data rate for digital information has been set by UCL researchers in the Optical Networks Group.

Autopage’s subscriber base sale approved by Competition Tribunal

Altech Autopage, Altech Technology Concepts card in hand

Regulators have given Vodacom, MTN and Cell C the green light to acquire the subscribe base of mobile service provider Altech Autopage.

Awesome deals on tech and gadgets

Tech Deals Specials blue

If you’ve clicked on this article, you must be here for the best tech and gadget deals in South Africa this weekend – and the Staff Writer’s “hilarious” joke, of course.

X

Newsletter Subscription


Name
Email *
Enter the following to confirm your subscription *
Captcha image


Free MyBroadband Newsletter
Subscribe
x