Zero Day Vulnerability Hits Adobe - InformationWeek


Bug could allow an attacker to trick an Acrobat user into opening a "specially crafted" PDF file; Adobe plans to release fix next week.

A new zero-day vulnerability, first disclosed on Monday, affects the latest versions of Adobe Acrobat and Reader. The bug might allow an attacker to remotely exploit machines.

"Analysis shows that malicious PDF documents invoke a function call to Doc.printSeps() to take advantage of the vulnerability. Proof of concept code plants shell code in memory using heap spraying to exploit the vulnerability," said Websense, which first reported the flaw to Adobe.

According to vulnerability research firm Vupen Security, which first publicly disclosed the critical vulnerability, attackers could exploit the flaw "to crash an affected application or compromise a vulnerable system by tricking a user into opening a specially crafted PDF file."

Vupen said it confirmed the vulnerability affects Adobe Reader version 9.4 running on either Windows 7 or Windows XP SP3. In addition, it said Reader version 8.2.5 (and prior), Adobe Acrobat version 9.4 (and prior) and Adobe Acrobat version 8.2.5 (and prior) are also affected.

Adobe acknowledged a "potential" vulnerability and said that "arbitrary code execution has not been demonstrated, but may be possible." It also said that while Reader was affected, Acrobat was not.

To prevent the vulnerability from being exploited, Adobe recommended using the JavaScript Blacklist Framework -- introduced in versions 9.2 and 8.1.7 of Reader -- which provides "granular control over the execution of specific JavaScript APIs." Vupen, on the other hand, recommends completely disabling JavaScript in Acrobat and Reader as a workaround.
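As an added illustration of the blacklist mitigation (this is not code from Adobe, Websense, Vupen or the article), the PowerShell below audits whether `Doc.printSeps` is blocked for each installed Reader or Acrobat 8.x/9.x. The registry path, the `tBlackList` value name, its pipe-separated format and the `Wow6432Node` lookup are assumptions taken from Adobe's Blacklist Framework documentation and should be checked against the deployed version.

```powershell
# Added example: audit the JavaScript Blacklist Framework for Doc.printSeps.
# Assumed from Adobe's framework documentation (not stated in the article):
# policy key ...\FeatureLockDown\cJavaScriptPerms, REG_SZ value tBlackList,
# pipe-separated API names. Run elevated when using -Fix.
$Api      = 'Doc.printSeps'    # API named in the Websense analysis
$Roots    = 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\Wow6432Node'
$Products = 'Acrobat Reader', 'Adobe Acrobat'
$Versions = '9.0', '8.0'

function Add-BlacklistEntry {
    param([string]$Current, [string]$Name)
    # Keep existing entries, drop blanks, avoid duplicates.
    $items = @($Current -split '\|' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
    if ($items -notcontains $Name) { $items += $Name }
    $items -join '|'
}

function Test-PrintSepsBlacklist {
    param([switch]$Fix)
    foreach ($root in $Roots) { foreach ($p in $Products) { foreach ($v in $Versions) {
        # Only report on product versions that are actually installed.
        if (-not (Test-Path "$root\Adobe\$p\$v")) { continue }
        $key = "$root\Policies\Adobe\$p\$v\FeatureLockDown\cJavaScriptPerms"
        $cur = (Get-ItemProperty -Path $key -Name tBlackList -ErrorAction SilentlyContinue).tBlackList
        $blocked = @($cur -split '\|' | ForEach-Object { $_.Trim() }) -contains $Api
        if ($Fix -and -not $blocked) {
            # Create the key only if missing: New-Item -Force on an existing
            # registry key would discard values already stored in it.
            if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
            $cur = Add-BlacklistEntry -Current $cur -Name $Api
            New-ItemProperty -Path $key -Name tBlackList -Value $cur -PropertyType String -Force | Out-Null
            $blocked = $true
        }
        [pscustomobject]@{ Key = $key; Blocked = $blocked; BlackList = $cur }
    }}}
}

Test-PrintSepsBlacklist    # add -Fix to append the entry where it is missing
```

Rows with `Blocked = False` identify installations where the blacklist entry is absent; existing blacklist entries are preserved when `-Fix` appends the new one.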

Websense said that, to date, no attacks using the exploit have been seen in the wild.

Adobe is set to release patched versions of Adobe Reader and Acrobat versions 9.x the week of Nov. 15.
