Adobe Reader Vulnerability: Actively Being Exploited
Several active exploits targeting a vulnerability in Adobe Reader are now in the wild.
Last week, Adobe released an update for Adobe Acrobat 8 and Adobe Reader 8. A day later, working exploit code for the util.printf() vulnerability was released. As expected, malware authors were quick to use the exploit for their own gain.
Trend Micro Research Manager Ivan Macalintal was alerted to the discovery of malicious PDF files that exploit the Adobe Reader vulnerability; Trend Micro now detects these files as TROJ_PIDIEF.CB. Users with unpatched Adobe Reader software may be infected when they unknowingly access a certain remote website or are redirected there from malicious banners and ads.
Upon execution, TROJ_PIDIEF.CB could crash Reader and then allow a malicious user to take control of an affected system. This compromises system security and exposes the system to more threats, as malicious users could easily dump adware and malicious programs from the VUNDO, VIRTUMON, and, in some cases, VIRUT families onto infected PCs.