The Shadowserver Foundation reports that several iterations of the attack are spreading in the wild via the popular Acrobat and Acrobat Reader applications. "The Shadowserver Foundation has recently become aware of a very severe vulnerability in Adobe Acrobat affecting versions 8.x and 9 that is currently on the loose in the wild and being actively exploited," blogs Shadowserver's Steven Adair. "Right now we believe these files are only being used in a smaller set of targeted attacks. However, these types of attacks are frequently the most damaging, and it is only a matter of time before this exploit ends up in every exploit pack on the Internet."
Adobe issued an alert about the vulnerability yesterday, describing it as a "critical" buffer overflow vulnerability in Versions 9 and earlier of both Adobe Reader and Acrobat. "This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited," Adobe said.
But an update for Adobe Reader 9 and Acrobat 9 won't be issued until March 11, the company said, and updates for versions 8 and 7 of the software tools "soon after."
Several antivirus firms, including Symantec and Trend Micro, can now detect the attack.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message