Adobe Flash was recently hit by two zero-day exploits that the company quickly worked to patch up. Now one of Adobe’s other popular Web plugins – Reader – has been hit.
Computer security company FireEye found yesterday that Adobe Reader was hit by a zero-day exploit. The exploit is currently found in the latest Adobe Reader versions – 9.5.3, 10.1.5 and 11.0.1. Here’s what the exploit does:
Upon successful exploitation, it will drop two DLLs. The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the callback component, which talks to a remote domain.
FireEye has alerted Adobe to the threat, and the company is now investigating the report. It will have an update on what actions it plans to take soon.
Instead of waiting for Adobe to act, you should probably switch to a different PDF reader. There are numerous free, open-source PDF readers that do a marvelous job without relying on a Web browser plugin that can be exploited to insert malware onto your system.
The Firefox 19 Beta is also testing out a new native HTML5 PDF reader plugin that would be far more secure than traditional plugins. It’s only a matter of time before the HTML5-friendly Chrome follows suit with its own.
[h/t: The Next Web]