Malware Penetrates Allegedly Patched Adobe Reader
Recently, a severe vulnerability in Adobe Acrobat has been discovered by the Shadowserver Foundation, which is being efficiently abused by scammers to install malware on the systems of unaware users.
As per the advisory from Shadowserver, while the vulnerability has been verified in Adobe Reader's 8.1.3 and 9.0.0 versions running on Windows XP Service Pack 3, it is assumed to be working on other versions also. According to Steven Adair, Security Expert at Shadowserver, adobe versions for machines running Linux and Apple's OS X are yet to be examined, but they may also be vulnerable, as reported by TheRegister on February 20, 2009.
Shadowserver feels that very few targeted attacks are being launched by exploiting the vulnerability of Adobe Reader. Though, these sorts of attacks are often more destructive.
Meanwhile, the firm believes that Adobe has acknowledged the issue and is efficiently working to fix it.
Related article: Malware Authors Turn More Insidious
» SPAMfighter News - 02-03-2009