Adobe Applications – Prime Target of Hackers

The Symantec's annual EMEA Internet Security Threat Report claims that Acrobat software and Flash Player application o Adobe were the prime targets for cyber crooks trying to implant malware on the European PCs in 2008.

The attack intended at an Adobe application was among one of the most common Web based attacks in 2008, with harmful PDF documents abusing the flaws in Acrobat plug-ins. It was responsible for 11% of overall Web based attacks during 2008.

The researchers at Symantec added that particularly, the efforts to install malicious PDF documents were commonly witnessed in 2008. These attacks were not openly allied to any particular flaw, even though the stuffing of the harmful file would have been created to abuse a random flaw in an application processing it, like Adobe Acrobat Reader. These attacks were understood to be famous because of the widespread use and circulation of PDF documents on the Internet.

The report also explains that the share of plug-in flaws affecting Adobe Acrobat Reader as compared to the total browser plug-in flaws augmented from 1% in 2007 to 4% in 2008. This indicates that Adobe Acrobat Reader is facing more and more attacks by hackers.

The report also tells that in 2008, the Acrobat Reader plug-in vulnerabilities' prime category was memory corruption. This suggests of a transformation from 2007, the year when content injection, memory corruption, and command execution all were included in the prime category.

Additionally, the attacks which were directed towards Adobe include a flaw first discovered in 2007, Trojan attacks associated to harmful PDF files and a buffer overflow in the accomplishment of a JavaScript function in Adobe Reader. These flaws were because of memory corruption situations that were uncovered when the application held content inside the malicious PDF files.

Also, the re-emergence of the Neosploit malware toolkit in the previous year might have boosted the popularity of such kind of attack because that toolkit is made to exploit flaws in PDF files.

As a result, the researchers suggest to timely update the computer systems with security patches and the latest antivirus software to avoid potential attacks. And, companies should check all network-connected PCs for any sort of suspicious activity, detaching the infected systems from the network and disinfecting it as early as possible.

Related article: Adobe Rates Acrobat Vulnerabilities “Critical”

» SPAMfighter News - 4/20/2009