All the latest UK technology news, reviews and analysis


Adobe warns users over zero-day PDF attack

13 Feb 2013
Adobe headquarters in San Jose

Security experts have urged users to be cautious following the discovery of a new zero-day attack on Adobe's Reader and Acrobat platforms.

Adobe said that its Product Security Incident Response Team (PSIRT) is investigating an attack which uses modified PDF files to exploit the vulnerability.

"Adobe is aware of a report of a vulnerability in Adobe Reader and Acrobat XI (11.0.1) and earlier versions being exploited in the wild," the PSIRT said.

"We are currently investigating this report and assessing the risk to our customers."

Word of the attacks comes just hours after Adobe posted a security update to address flaws in its Flash and Shockwave platforms. The company gave no word on when a possible Reader update would be released.

Adobe's Reader and Acrobat platforms have historically been favourite targets for malware writers. The PDF file attacks are second only to Java exploits as the most commonly-targeted platforms in the wild.

Ross Barrett, senior manager of engineering for security firm Rapid7, noted that the casual way in which many users handle documents makes PDF attacks particularly dangerous.

"On any given day I would view a PDF attachment that I am not explicitly expecting with a high degree of suspicion, and this is just confirmation of those concerns," Barrett explained.

"The major risk will be via compromised 'safe' websites which are serving the malware unbeknownst to their legitimate operators."

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Green IT poll

How important is it to your business that a cloud provider uses renewable energy like solar or wind to power their data centres?
21%
6%
4%
3%
66%

Popular Threads

Powered by Disqus
Xperia Z2 vs Galaxy Note 3 video review.jpg

Xperia Z2 vs Galaxy Note 3 video review

We pit Sony's 2014 flagship against Samsung's ruling phablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Front End Developer - Guildford

Job; Front End Developer - Guildford This ‘creative...

Python Developer - Major Cloud Hosting Provider - nr Guildford

Python Developer, Django (or similar), MySQL, Surrey;...

Senior PHP Developer - Full Stack, LAMP, Java, eCommerce

PHP DEVELOPER, LAMP, JAVA, JAVASCRIPT, FULL STACK, ECOMMERCE...

C++ Visual C++ STL GUI UI Software Engineer Cambridge £45k

C++ Visual C++ STL Software Engineer Cambridge £45k...
To send to more than one email address, simply separate each address with a comma.