Adobe Reader Zero-day being exploited in the wild
- Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh
- Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh
- Adobe Reader 9.4.6 and earlier
- 9.x versions for UNIX
This critical vulnerability has recently been seen exploited in the wild in targeted attack emails sent on November 1st and 5th. This attack leverages the zero-day vulnerability in order to infect target computers with Backdoor.Sykipot.
We have seen Backdoor.Sykipot used in targeted attacks since January, 2010 and this is not the first time it has been used in conjunction with a zero-day exploit.
We detect the malicious PDF document as Trojan.Pidief and the dropped component as Backdoor.Sykipot.
Analysis is ongoing and updates will be provided as more information becomes available.
As always, be vigilant when opening any PDF attachments in unsolicited emails.