Zero-day Attack in the Wild for Adobe Flash, Reader, and Acrobat
Jun 06, 2010 05:03 AM
Migration User
We have confirmed that attacks exploiting the vulnerability (CVE-2010-1297) that Adobe announced in its security advisory are in the wild.
The exploit takes advantage of an unpatched vulnerability in Flash Player, Adobe Reader, and Acrobat, and affects users regardless of whether they use Windows, Macintosh, Solaris, Linux, or UNIX. Adobe has categorized this as 'critical', which is the highest level in its severity rating.
Attacks can take place in various situations; a few are listed below:
Receiving an email with a malicious PDF attachment.
Receiving an email with a link to the malicious PDF file or a website with the malicious SWF embedded in malicious HTML code.
Stumbling across a malicious PDF or SWF file when surfing the web.
We have confirmed that the attack involves Trojan.Pidief.J, which is a PDF file that drops a back door Trojan onto the compromised computer if an affected product is already installed. We have also come across an attack using a malicious SWF file (detected as Trojan Horse) in conjunction with an HTML file (detected as Downloader) to download additional malware (detected as Backdoor.Trojan) from the web. (We may update these three detection names once our analysis is complete.)
The attacks seem limited at this point. However, other cyber criminals may jump on the bandwagon to take advantage of the vulnerability in the very near future. It's advisable that you visit Adobe's security advisory and spend some time investigating what workarounds would be applicable for your environment until a patch is released.
In the meantime, we are doing further analysis in order to develop heuristic detection(s) for both antivirus and IPS.
Please stay tuned for updates.