On TechRepublic: The 5 worst tech products of 2009
BNET Business Network:
BNET
TechRepublic
ZDNet

September 20th, 2007

'High risk' zero-day flaw haunts Adobe Acrobat, Reader

Posted by Ryan Naraine @ 4:30 pm

Categories: Botnets, Browsers, Data theft, Exploit code, Firefox, Hackers, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, Adobe Acrobat Reader, Microsoft Windows, Operating Systems, Software, Ryan Naraine

‘High risk’ zero-day haunts Adobe Acrobat, ReaderAdobe’s ever-present Acrobat/PDF Reader software is prone to a nasty code execution vulnerability that could expose Windows users to PC takeover attacks.

Details of the flaw, which affects Windows XP SP2 with IE7 and Adobe Reader 8.1, 8.0 and 7 are being kept under wraps until Adobe releases a fix.

Petko D. Petkov, the researcher who discovered this issue, is not mincing words about the risk severity:

Adobe Acrobat/Reader PDF documents can be used to compromise your Windows box. Completely!!! Invisibly and unwillingly!!! All it takes is to open a PDF document or stumble across a page which embeds one.

The issue is quite critical given the fact that PDF documents are in the core of today’s modern business. This and the fact that it may take a while for Adobe to fix their closed source product, are the reasons why I am not going to publish any POCs. You have to take my word for it. The POCs will be released when an update is available.

Petkov gave me a peek at a proof-of-concept exploit that worked as advertised. On my Windows XP box with a fully patched version of Adobe Reader, opening a rigged PDF file launched calc.exe without warning.

Unpatched Adobe PDF code execution vulnerability

The exploit did not work during my tests on Windows Vista.

ALSO SEE:

Exploit code posted for critical Adobe Photoshop flaw

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

  • Talkback
  • Most Recent of 23 Talkback(s)
Please
Im develop for linux as a living and truely love this OS. If you must stick in the nose of the windows user, could you please do it more with highlighting the true coolness of this system such as many... (Read the rest)
Posted by: MetaVoid Posted on: 10/05/07 You are currently: a Guest | | Terms of Use
In the meantime  Yagotta B. Kidding | 09/20/07
more reasons to switch to Linux!  Linux Geek | 09/21/07
Or Vista!  itpro_z | 09/21/07
Nope, can't do it because ...  OButterball | 09/21/07
LMAO  not of this world | 09/22/07
Riight!  Wolfie2K3 | 09/21/07
Or...  zkiwi | 09/22/07
or . . .  not of this world | 09/22/07
Pardon me, but...  zkiwi | 09/23/07
Please  MetaVoid | 10/05/07
Think-Ahead Progamming Isn't Cheap  bcroner | 09/21/07
Isn't outsourcing wonderful?  RS9 | 09/21/07
Marx...  Wolfie2K3 | 09/21/07
This is the HTML control again!  Resuna | 09/21/07
Can you read?  PB_z | 09/21/07
The strange thing...  Ryan NaraineZDNet Moderator | 09/21/07
IE7's impact  ejhonda | 09/21/07
Merely installed?  zkiwi | 09/22/07
Don't use IE7  Greenknight_z | 09/22/07
RE: 'High risk' zero-day flaw haunts Adobe Acrobat, Reader  manie3844@... | 09/22/07
3 files acrobat makes hard to remove  not of this world | 09/22/07
Dump adobe and IE.  kraterz | 09/23/07
RE: 'High risk' zero-day flaw haunts Adobe Acrobat, Reader  iunbcerb | 10/03/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here