Attacks aimed at Adobe Reader, Acrobat flaws intensify

Problems with Adobe's software can potentially affect millions of PCs; users are advised to upgrade to the patched version

By Jeremy Kirk, IDG News Service
February 11, 2008

Talkback

E-mail

Printer Friendly

Reprints

The flaws disclosed last week in Adobe System's Reader and Acrobat programs have been used to exploit computers since at least January via malicious banner advertisements, security analysts are reporting.

Adobe issued patches last Wednesday for Reader and Acrobat, but the company did not detail the flaws.

Problems with Adobe's software can potentially affect millions of PC users, since the company's software is widely used to read PDF files. Most people regard PDFs as harmless.

"From our standpoint, it appears that this PDF-based attack has been quite successful, affecting many thousands of users throughout the world," wrote Hon Lau on Symantec's Security Response Weblog.

Greg McManus of iDefense Labs, the security arm of VeriSign, reported one of the vulnerabilities to Adobe in October, according to a post by the SANS Institute, a computer security organization.

Since hackers have been apparently using the Adobe flaws since January, it raises the question how they discovered the flaw.

Lau wrote that the "swiftness of the exploit appearing in the wild suggests that leaks had occurred."

However, it appears that the vulnerabilities in Reader and Acrobat were disclosed in a responsible way, Lau wrote.

The flaws in the programs allow a hacker to create a malicious PDF document. If opened by a victim, that document downloads a malicious Trojan that Symantec calls "Zonebac."

Zonebac was first detected in 2006. It shuts off a user's security software as well as downloads other bad software. The latest version also appears to taint search engine results, Lau wrote.

In January, iDefense noticed that the malicious PDF document was being delivered through malicious banner advertisements. Symantec's Lau wrote that it's not immediately clear how the PDF file is delivered, but that the banner ads could be redirecting people to other harmful Web sites with the file. Also, spam messages may be carrying the bad file as an attachment.

Malicious banner ads can be particularly dangerous since the ads can show up on legitimate Web sites. Online advertising companies have struggled to keep these ads off their networks. Sometimes, hackers will approach the networks with what is a legitimate ad and then substitute it for a malicious one. Many of those bad ads have exploited vulnerabilities in Adobe's Flash multimedia technology.

Adobe's Reader and Acrobat are designed to regularly look for updates, but users are advised to upgrade to the patched version, 8.1.2.

Add to:

Digg

Talkback:

comment Post a Comment

MOST COMMENTS

>> Talkback: Have your say

Remote Access: Maintain Security and Decrease the Burden on IT
Join this interactive webcast to discover how IT Managers can control access rights, end-user security settings and end-point authorization. Sponsor: Citrix(R) GoToMyPC(R) Corporate

» Click here to view this Webcast

Virtualization Solutions Guide
This comprehensive IT Strategy Guide covers Virtualization and puts you at the forefront of the discussion. You'll learn all you need to know from the cost of virtualization, how to implement it for your business, how to back it up safely and which products are best. Sponsored by Riverbed

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

Windows Vista: A Cyber Security Shield - Windows Vista incorporates a number of new and enhanced security features that address spyware, security vulnerabilities...
Key Strategies for SOA Testing - Unless you're willing to reorient your testing procedures and technology now, you may find yourself behind the curve as ...
Document Management 2.0 - Web-based Collaboration and the Road to Compliance - Adopting Web-based document management can put organizations in a better position to address constraints and opportunities...
Content Management Integration - The Triumph of the foot soldier - The first Content Management applications addressed common business problems with complex solutions. While they filled a...
Class of Service: Myths and Misconceptions - There has been much discussion about the benefits of CoS; but, there are also common myths, which unless challenged, can...
Factors to consider when comparing DSL or Cable - As the demand for high-speed access increases, businesses are looking for cost-effective connection options for remote workers...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

Attacks aimed at Adobe Reader, Acrobat flaws intensify

MOST COMMENTS

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Video

Podcasts

InfoWorld Blogs

Columnists

Find Products and Companies

Resource Center

Sponsored Technology Links

Sponsored Technology Links
AT&T - Factors to consider when comparing DSL or Cable AT&T - Thinking about IMS AT&T - What to expect from a Technology Assessment. AT&T - Refine your company's plan for a Business Disruption Event HP - HP Color LaserJet CP4005n printer. Now $899. SHOP NOW Dell - Dell Latitude: Battery life up to 19 hours. Learn more. Equallogic - Flexible, Scalable, Enterprise Storage for Virtual Infrastructures Equallogic - Four Steps to Disaster Recovery and Business Continuity Using iSCSI HP - Get Extreme Storage for Extreme Business with HP. Dell/Equallogic - PS Series Best Practices Deploying Microsoft(R) Exchange Server 2007 in an iSCSI SAN Symantec - Make data protection more efficient with Veritas NetBackup Xerox - Experience the colorful side of business at www.frugalcolor.com EMC - EMC and VMware help you build your virtualized infrastructure. Dell - Windows Vista: A Cyber Security Shield Mindreef - Key Strategies for SOA Testing AT&T - Class of Service: Myths and Misconceptions HP - HP LaserJet P4014n printer Starting at $699 after $100 IS. SHOP NOW HP - HP LaserJet M3035 MFP series Starting at $1,599. SHOP NOW Rackspace - Go Green Without Sacrificing Server Performance HP - HP StorageWorks products-control, consolidation and confidence. HP - Speed, agility, flexibility - The HP BladeSystem c-Class. InterSystems - Development, integration, BPM, and BAM together in Ensemble Big Fix - Before all Hell breaks loose on your network & your endpoints! 3PAR - Takes on the Storage Industry Giants		Platespin - Consolidated Disaster Recovery Using Virtualization Brocade - Transform Your Data Center at Brocade Conference 2008, Las Vegas, Sept 22-24 Platespin - 8 Phases of a Successful Consolidation Initiative SGI - SGI Adaptive Data Warehouse: Building a High-End Oracle Data Warehouse Microsoft - Learn about the software-based VoIP solution from Microsoft. Microsoft - Meet Windows Server 2008. The server unleashed. HP - Whitepaper: How IT Quality Managers Respond to SOA Change IBM - Webcast: Take control of your content- leverage MOSS HP - Whitepaper: Software Quality Management for SOA Polycom - Telepresence For The Enterprise GoToMyPC - Research Brief: Providing Secure and Cost-Effective Remote Access AppAssure - Keeping the E-Mail Flowing Tripwire - Secure your virtual and physical environments with the same software. Novell, IBM, and Intel - Solution for Open Virtualization Provides Server Consolidation Symantec - Whitepaper: Secure, recover, and archive critical information Symantec - Whitepaper: Protecting Microsoft(R) Applications Riverbed - Five Ugly Truths about WAFS and Caching AT&T - Enhancing security through Quantum Cryptography Riverbed - Wide Area Data Services Microsoft - Microsoft Forefront makes defending your systems easier. Learn how. AMD - Renowned Engineering Institution Chooses AMD Processor-Based Servers AMD - Watch this flash demo of the Quad-Core AMD Opteron Processor AMD - HP and Oracle deploy unbreakable computing infrastructure Qwest - Learn how Qwest voice and data solutions can save you time. Oracle - The Power of Two with SOA and BPM

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS CAREERS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist