Sponsored By

Adobe Reader Vulnerability Being Attacked

Within days of the <a href="http://www.informationweek.com/blog/main/archives/2008/11/adobe_patches_p.html">announcement</a> of a serious Adobe Reader flaw, attackers already are planting maliciously crafted PDF files to attack Windows users.

1 Min Read

Within days of the announcement of a serious Adobe Reader flaw, attackers already are planting maliciously crafted PDF files to attack Windows users.That's the finding from the SANS Internet Storm Center handler Bojan Zdrnja: "The in-the-wild attacks, first spotted by the SANS Internet Storm Center, follow the public release of proof-of-concept exploits at Milw0rm.com and underscores the importance of quickly patching third-party desktop applications.

I have seen a sample of one of the rigged PDF files in circulation and can confirm it is indeed exploiting the CVE-2008-2992 vulnerability, which is a stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier. It allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument.


The payload, Zdrnja, continued as an embedded JavaScript object that can be obfuscated enough to evade antivirus engines.

With these attacks now "in-the-wild," it's important to make sure you're protected. It's also important to mention again that Adobe Reader 9 and Acrobat 9 are not vulnerable.

Adobe also has updated Adobe Reader 8.1.2 and Acrobat 8.1.2 to address the vulnerabilities.

An Adobe security bulletin regarding the vulnerabilities and related solution is available. Also, Adobe's product security incident response team has posted to its blog on the topic.

Product updates are available for Windows, Mac, and Linux/Solaris.

About the Author(s)

George V. Hulme, Contributing Writer


An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights