Another 0-day vulnerability in Adobe Reader

    In just a few words, because there is still very little information: FireEye has announced the detection of a 0-day vulnerability in Adobe Reader. The latest versions of the 9, 10 and 11 branches are vulnerable. At the moment these are:

    1. 9.5.3
    2. 10.1.5
    3. 11.0.1


    The nature of the vulnerability has not been reported. It is reported only that in the exploit sample investigated, two DLL files were launched on successful exploitation. The first DLL showed a fake error message and opened another PDF document. Apparently this is the classic trick of opening a PDF with the content the victim expects, which is often used in targeted attacks, because a vulnerable application often crashes after the exploit runs, and a vigilant user who does not see the expected content starts raising the alarm.

    The second DLL is a trojan component that makes a reverse connection to the attacker's domain, which lets the attacker control the compromised computer even if it is behind NAT.
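
One way to triage endpoint telemetry for the behaviour described above (a DLL loaded into the Reader process from an unexpected location, a second document opened as a decoy, then an outbound connection). This is an added example, not code from FireEye or the original post; the event schema, trusted directories, file names and addresses are constructed assumptions.

```python
from collections import defaultdict

READER = "acrord32.exe"
# Assumption: DLLs that Reader legitimately loads live under these directories.
TRUSTED_DIRS = ("c:\\program files", "c:\\windows\\")

# Constructed telemetry, hypothetical schema: (host, pid, image, event, target)
EVENTS = [
    ("ws1", 100, "AcroRd32.exe", "open_pdf", r"C:\Users\a\Desktop\visa_form.pdf"),
    ("ws1", 100, "AcroRd32.exe", "load_dll", r"C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.dll"),
    ("ws1", 100, "AcroRd32.exe", "load_dll", r"C:\Users\a\AppData\Local\Temp\a.dll"),
    ("ws1", 100, "AcroRd32.exe", "open_pdf", r"C:\Users\a\AppData\Local\Temp\b.pdf"),
    ("ws1", 100, "AcroRd32.exe", "load_dll", r"C:\Users\a\AppData\Local\Temp\c.dll"),
    ("ws1", 100, "AcroRd32.exe", "connect", "198.51.100.7:443"),
    ("ws2", 200, "AcroRd32.exe", "open_pdf", r"C:\Users\b\Documents\report.pdf"),
    ("ws2", 200, "AcroRd32.exe", "load_dll", r"C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.dll"),
    ("ws2", 200, "AcroRd32.exe", "connect", "203.0.113.10:443"),
]

def triage(events):
    """Return {(host, pid): [findings]} for Reader processes that loaded a foreign DLL."""
    state = defaultdict(lambda: {"dlls": [], "pdfs": [], "conns": []})
    for host, pid, image, event, target in events:
        if image.lower() != READER:
            continue
        s = state[(host, pid)]
        if event == "load_dll" and not target.lower().startswith(TRUSTED_DIRS):
            s["dlls"].append(target)
        elif event == "open_pdf":
            s["pdfs"].append(target)
        elif event == "connect" and s["dlls"]:
            s["conns"].append(target)  # only connections made after a foreign DLL load
    alerts = {}
    for key, s in state.items():
        if not s["dlls"]:
            continue  # no untrusted DLL in this process: nothing to report
        findings = [f"DLL loaded from outside trusted dirs: {d}" for d in s["dlls"]]
        if len(s["pdfs"]) > 1:
            findings.append(f"second document opened (possible decoy): {s['pdfs'][-1]}")
        findings += [f"outbound connection after DLL load: {c}" for c in s["conns"]]
        alerts[key] = findings
    return alerts

if __name__ == "__main__":
    for (host, pid), findings in triage(EVENTS).items():
        print(host, pid, *findings, sep="\n  ")
```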

    The company has contacted representatives of the Adobe security team. So far, the recommendation from FireEye is the same: do not open unknown PDFs.

    UPD: Adobe has released a fix for this vulnerability
