|
|
|
Hackers Zero in on New Adobe Reader, Acrobat Vulnerability
By: Brian Prince
2009-02-20
Article Rating: / 5
There are 7 user comments on this Network Security & Hardware story.
Hackers are targeting a zero-day vulnerability affecting Adobe Reader and Acrobat with malicious PDF files. Adobe officials say a fix for the issue will be available for Adobe Reader and Adobe Acrobat in the coming weeks.Hackers have once again turned to PDF files to spread their wares,
this time assaulting a zero-day flaw affecting Adobe Reader and Acrobat.
Fortunately, the unpatched bug is
on the companys radar, and fixes for Adobe Reader 9 and Acrobat
9 are slated to be available March 11. Updates for earlier
versions will come later, company officials said in an advisory.
The bug is due to an error in the parsing of certain structures in PDF files. If exploited successfully, the bug could allow a hacker to take complete control of a vulnerable system.
In parsing a specially-crafted embedded object, a bug in the reader
allowed the attacker to overwrite memory at an arbitrary location,
blogged McAfee researcher Geok Meng Ong. The attacks, found in the
field, use the infamous heap spray method via JavaScript to achieve
control of code execution.
While the distribution of this exploit thus far appears to be
targeted, new variants are expected as more information is made
public, the researcher continued. As with the Conficker experience,
the lack of good patch management is a very worrying trend that
deserves more attention from IT security practitioners. Adobe is
expected to release a patch very soon.
In the meantime, security researchers at the Shadowserver Foundation recommend users consider disabling JavaScript. Symantec also recommended Adobe users keep their antivirus up-to-date.
While we continue to investigate this issue, customers are advised
to follow best practices and only open email attachments from people
they trust, blogged Symantec researcher Patrick Fitzgerald. Enabling
DEP (Data Execution Prevention) for Adobe Reader will also help prevent
this type of attack.
| | Reader Comments: Hackers Zero in on New Adobe Reader, Acrobat Vulnerability | | >>> Post your comment now!
| | | | | | | | re:Hi. A story about what happened was posted earlier... Posted At: 02-24-09
By: Brian Prince, eWEEK | | | | | | A user comment on this articlePlease let us know what has been done to our machines as a result of this unwanted payload that was delivered by eWeek. A courtesy link to a site... Posted At: 02-24-09
By: Anonymous | | | | | | | | | | | | pdf.php??So, I clicked on the link for this article in the email that I always get from eweek, and a new browser window also popped up. The new URL was... Posted At: 02-24-09
By: Anonymous | | | | | | re:Hello Marc. We are aware of the problem here and have been in the process of taking steps to fix it. BP Posted At: 02-24-09
By: Brian Prince, eWeek | | | | | | Newsletter Makes a pointI opened the email "Securing the Enterprise" newsletter with the link to this article. A pdf got downloaded and tried to open. Fortunately, I had... Posted At: 02-24-09
By: Marc Thibault | | | | | | >>> Post your comment now! | | | | | |
|
 |
|
|
�������x}r㸲s;�Ӯ:��vI�%uʲ|,UTDh(
ئH�=�|d�অT˖�0�$rC"$;дǤ��%Sg[yDj{{?�P|g�I5*2dCV3J�Բn�L��ejƠOL
�}@nmX�d�>J�`OS{S5� 5�ޙ1\/S}L=�F��\�3�i�3JG��I��[��f�(EL��ev$Z|gvH~V�h{99<"A}#%AT<ش�'l$$^b{�@y4��5�;^7S�xw23���X]~�j����r�P�;U�yA%h� -L�r&$dqM�C߆Tu6���{R#�-�Xd�UZD�wb��&Cc`p,Dž)��Ta3#}jZ�5ux-y5G̱=ǥC5}C�H
��]?Z��Q��N�K�m5Zx]rZ�:t;=r߉ekby
1�=��|�Jg�!=ޚ�V%uѹ�i4?N]$/%t:!�tn~R|[kU[nG�!~j[zd�Pp8LsrP{$�ޗ& H|;FAuk��Czn{&J�ݒEdL:X]�KŗGɏ��k��3��L9��X@.@ש!04۫hVT*5V0|�[P}}G_x0N�D=7o�f�I�U3(,e��g M���H��8��vf��M�o��gz�C��C�Z9nV)U7өɛ!"ĈKn�9x0z�B(��PHQ��>�x%Ku}7�p{@e!gfiٜ(%YWbΆ"#+]�Nާft/;��~j7&8^%glh|��X.B2iK1QW5MGTD~+�/�E*G�8ʍ�/;�2B��m�gL�H[~VfA`*:)uѧ#|>Cs>�tێ=
X�C#ʠ�:ڴb;\jg���4!��&u�
sFl`�x:,(Ab�@�CCߜRoVh�0�
m�q=�LR}l;�t9�PhR0\�s7LnM)˂�5[ѽk:���?@�������x���@e^~�}�̢8>1G��5�woN�ou��&��ܠϨ
C|'s\(Lw^ ��"
�⣋��4.'@(AH �9�������99~����ܑ�vZǭB@��
nO�q$;c�
<ڹ&,�,ЂW-Ktf`(L=?�j1!U�G�,D`v9r,L��.�[
O��Jy[+B4`T(p3�=cGVK*Z��ҥ/+?;{
*쑫X?MןCw��)7˘���㛣i�L�STwm2q)(7�f+7k�j�;@1�EM$k�l}j�BB63 �]gʠ
u�NP"'Ի����3�r�,{v?8�s��VZ)o��}��p��>H����_Nw\Գ&VAB �glCC��{�ޡYY3T w^AY䞅_1YX���XM`�o�ťHL)m�tѹ+>q^v.iԊv i[%�ͺ7bum�I��
�ۥi]hk%�;��$7�Bj^¢ym<2�֡X`9HM^>VL"f��˥�a4�d�J
Udև��{gO͑I���+9UV*U&G&,-3Rod~+�4E+�iZX}�s4�� �9P��8IJ*4*/SXSę�zдt��"ҝu@'tñ'�mN�C�3�
lx����J[Y�,,b3*4j+T=C�kab悈7|OE3�c�a�{�60c@u�_X:tf²w6ה�.Υhӫfp�
:�fc����txF3�f�ԑiQP3uIF̫�e�Tנ~3���JNU#?q?�|��2ex�L,Z`_9#Dzt̠:7�H�R!�H۴>��sMv��N�uWPR@��B^Nu���5GANjN~Q5wB�w�.Bāh<.��[Pw=>>8آTQނ*69E)ƈ.A�5 b�d��]D�{z�퀇�gH���A.Db��
���\�x�U)L0�:�K�b 2",[���T�B8⦼�t�߀bu?a1:C.5.z_=2dB4�^e�j<�{LR.sr)B��ZQU�Z*PY+
:;#UFQPx3j h�/OP�}ԁd�}sX�̝~Q*}zMMW�>s@���y >{�V�?aA�>yL�LZ<1=�˰"U`�Jv r`�\g~w�ԻA��
�$rֹe=Rd'��V!Ppi=p;xz跸4g�@\5{oUČ�)Ԩ�UU)U9}FW�c7{)h�"RkF&:�Fd@}tΈ#6R�j5kivO�rh#քY[#WX�
xV IQdC5Ed�
kCe'ßKi>C?9dN@u3 U�S4��NPƫ5_[`�xUiʹ;9Qo@H�ms10�����Wo�㊏�߲~F8J7pT
J��(
+HA:eLÓz\?�nUU;My� U̐+C�j]K>a51t:]ߘ렚1[;��ML��l�aƭ|T/gt?;u}ӟ:/gf#DU�=d5O�)~�|$DC>,+m�4^D�\X2�Y߈u*/JjA�z$pE"k9d i�W�&s�\x&\_sƋ��bo(Q^b%�+�Gs�;"ʌg�b<�p{>'F{�zɐ4PG���}ƴWՄθ�ā�3O?�[qYy�Vum4dH�$5g҇q#�$eZYr圤'�怌uPpz�]�
Gߍ
eRģ{{k7=5g>A"WP)߭q*��*�״"gև^A�~/�f{,5.a�ЇR!)��X|ptѐZ&?�tȞYMw $(��X�����溏ճHW�6y��p0\^�<�!>Ni�8ՇօIs��ES:\w�9"�![�.�Yz�
G�]99o֯M1k&01h$ǂ<s�cf<`z�ik��B[�KѼĂ!�Qל8�"r�\3 nP�E8Z;W�9
²V�XHE`C7$��-0�r$�`�$X�*��XU2^2sy�9����^S�F(+b�K "$DY \gIΉ�O/`Nc�1:�(: O�oWȘI;GD_q+5�'=?EU[k'5ZI��NV��}9or_Ǡ#`pF�K1xc�`s�A\$|n^�^�9�R;DN[3pq*hshwl)~ڲ{�,�/��=�:$�3U([wiaE�%e9r�dJ>!S�9�e�ޞ,H~=Ym@ylZӽK3%ƗHȃ ,-�I+Q$/AiA0Z'@��R�#F[�xq�'P�H
T䵸�
Zr*ĕ�;�Ã�b.�̔yxh'($rHβj%g�VU+v;S��Ҳ,i;x.�9�wb�6x�}y�8b1��?ݮneټܱzjo;
�~{j9Л�Sq�Ƅ��@پ9z@ϝO�)|�9��z8ti�?!��W~w�b�7A�e$H~"`@KLT9zÿ
sꂧG�' �[sgϜ&ƭtFoVsm,d�a3fo?c_; >-l-8t�砚��TǏɘNB�AUU-uJlko {r�Y9sJEWV2{hd�,��#Q�d1W6�P2QY:pGҤEs�mmf]ݸ�g[f�1rzfio�=|z}
�~��]>PI=)~=҂(�r_:ZD Np5V{QI1*tu�=/-r`TT�zH^8[ڃ}co[D:
wctW�-3��
�pL �;x�輳^��2����Vo2lK9s@2s&�c����ġ`G-ݺ�ܭ1J�3"qCDHޚɳT3E3 ��_5d�3�Z7:aV3*|B�Zy䘖a�b��oE�[�ά�(g3촉��ߎcTRF<�
�*~e�l
|kI-�9���?�?@Ӟ
�\�N��^5nʸ��E'͖�hOL>_��2�6,�2d]n`$vX�Cg@��:�'P@�^ᐰ#�sV
r�qHמ�B}��`0Uxn�9
�D<ic`Ѽ_K)#JO:LnM��_S�sbQ:}cB�D�βA=G8�E�CN̓V�hgӰ�s_e@[faD\GN|<,xS�P� 7`Y$��'r�"a!6::Q�m�'U1=xA>�H��j�A�zr�9ք6e�xs
:�S^�>8V�c"P�>�=zgaʧ,Q?7iIl�T��_p%+�}](5/E;�O��K�/I�ovإ�D= �V�a�;�N'T(BYi,dScHj.RR�K�L<�A" Sr�e}f3G!��ND�H>è'�u D(a2�T�ZR©
>t՞r��N7��-4q̼�C&K)>����
j5vR�6L��.�ˬ�I
!aB4�텢��3C�Mn�O=Ix��<;�)?TE+IScTJ^�+fw``3D@�G� `��JV= �hY0��>�V4%^��t=
E'|i�nIUa�oRV{.
3װ�8Ri�ҹLQ+0�?�WXxx>'+ )Dz�6�WD��>91]caa�E�0��y�\
w�/g�#*yIlKgRw6����?-XK�6
Lv믋ض�oRm�^mZ�E�$D!�edSO:,D>rLH �$�@�u�h��zIJ��ðk�A�Q�&KI�<{L#��O��Y 0A!X��_@ 5�=�®r�n[2,��vt[aޞTД|!�%D�6�7IN)m;9ڶPzvr8coyRy�Q0�@�,FR�B �0�I��A.~�gmۚ;J��RZG*,c%ܯ*\�A�^^^^o͕Z^H^=3V�0m<�J䊲#()R9��b/U
j$&z��B؋$x�JU^J[>}ġ%yugs]Ƹ��=KO��җ.�X�$�,3R[JZT.֑D6'�pd0 '�|�H#0i? gؒBm)_�kݓ�RkHu�G-! m&fwH+_ l3˽r Ϸi9^!ͩ�V�,8nK&Έ8<.at8Ew��Nt�eIuK*Y��0�[�l���xH�4A&H RxY� Y�W{Nh[R�ܔ���oK�*\:$;G-�0P-:��#�FPqT6a�'1�tԝ�ʤ��x��jxiO.4��N;4SV�9Ľ�n.ErNT
xJܲ�zV�O�]T/~1ՆR.:?sfe)T&�.^&$"ɷ ��+OWs�AV�̭6�A0ߨ9;67oDEHvjum&$sk3"�A�-�[�o�f6௶eulau'^�fܪF/߹l��ȪhƑe]:unRγi,��Glr{,HüjDo�_]0Kߓ��LZTˬ�kR`�Q3
ƹ��2X!�53+x.�([ 5J7z D|p�_8Cz@�X�u��jg|K^/Ym/�E�j7ϒ��T�&ݥ�e
~fSpg
vf4}
�S�u&o}[y�ϱKD= ?�KD)`G%�^B~23u?q/%�jv`�W:ߨ&8-x Q�z.�^�o�N �EvcxrǷ
+?x�#_)*F]kN9-0�o�*~[ώP8[,zŝKpf�$1d
_
,��a��ٵ, Ⱦ3[�
�(�TeQWǽn%}'%s�®O(aZ&*]AL�a�!-(�-Ȯq�aIz}L&sLj$9y8�bM}m�@`ׂ@"~OHZ�C@�O��^�a)qc��+p��xw��̃L,
Ḍ{��n��/ɛq~qZ�z1hsq̉Tl�/vpV@k�cΩ]ZI9�z�%o�Rky�KN
߅d�c�!L n��o
U�J�9t[`�ɥ3#XZx;�pU!
&
<,
-5džllG<)fFllzZC�`5;mlzZCM` .�K�1}�+n-;sxB(fU'j,oo?tf�>Ԙp|E�8f%�b�cIe^]�@�#h�4�l�KaZ'$e~�TRUu���sb�["�̶1\�?GZN)bh�ߡ<)nm_#eM)i
fK
_VT9:_eע�g\i��~昫�vY�Xye�Z{Cq
#/�|\L� �,�֠Vm0LAY>g�N(("�XL~%9m<�z |K��@�r�|jXorr&|r Q��1��(�RxW�|�5B¯[q{i
�>d9ӹ�x�:/0ۑph6-��ý<&H@�jߚcOMgG<_^sj$F.F{ʰ̢�p�ͬG[PRYIva~�X�ev��,hd��>3mS?�� ::�I��53?b)m:,\�+s�Y�l�'��
Fmy(`�LbGh)�q�)4��c!��T�Ĕ"Э�B>ͪM;oP}wY?e=pa
�'��f} Br{=m~G�Ɩ}}*5�;M�gQggvqHt�Mp�87aT0�|LiJ�|x&��K�VxKB?{t�Q����̋XLst4:��.=$�{.�̥�7b?= .RN��9}�ǃ�"�a=X@*>In�$%�HH$] �UC�`�xK>�ZPou5a�Ȁxp(M$��:�}Gx_,���8Ck�Ap3~��O�=��RL8�蝹�,aK�\v���#sYuhco>r*}?��|9[CG)W��9D#MMK�ڼxuU*J���խ��c�`�T`sr�H���d5�&t�8���7>w=?_uiو1%���a� kE�$06�##י�F$9�MPK%ԣW@Q�t]\��P�"@J��>Q�|6XP؟c?pk2�TJDmn$>�9�[J��u�A"�\2,�GΎ�we~Ut@���dj �,YgF7`C[�%E9�Y|ob�N ?(�ۺ3��b�JY-)I`R�|Wr\g�ޕa)�뱪�b�o(�
;Ee$�=ɕ@�Z��ՌeȈq~�/Y�/8 �&G]lF(Do�h~yyvH^5{rպ:�ySS֊��_,'ԝNIiyyպej����d&cE`ڳy<2 �v)sS9-j4�Wñ;OWΓ�}VX\mP��^w�Sv�}Y
Q��J/p�{ac h\5]-�[Q-�Ƌ#xY5g�Hw��t{�r:X)`�jQe p��!>6ϛ'=ҹhfjIߊ/ρ�S?BǔP5
ʯ֗ԁR)�(樂#֗7��fJ /?��CJ?|OZYk}y�)пVJ?ӺH)R}즔/�y
|vva�~;
>ෝ6ঢ়626g;>@�D�H�g(R~�g)R�{2�?�)s�w2�'�?��I/@�)q _�sB?]�7e]�7e=^
�Z_ S
}}i0)�k(N+�Nkh:k�:IJCP^O%.N!�pS�q
� //�?�4�)@y
JI",c/S\ejL��M"KԿw2~2A.O:BX\jrr+g^6i5�vKIAʰ/�^a/
��^敽Id�=$x�EGW48<1X>t�nm(�L�o���;X��-$�1�+ Cfx3ͩ�^kc�6�1dѮ5�1|u¿�z2ye�T�8s_R5ǝaFr�Q�5g0]F=Ȟ{v=�E�뿙6%'�x-&�/3.Rmx�L$pgB-ZӋd!Pe)�D ˺��:X֮'{n�7@aƐckDM�In�_!-x'Cڗ`-yyD7`b!SK�����/w��Aa�s�溼)t�x&�9
�Fs� �0;+-c�8],_�x�n�O=uL&�Dʽ/y3 3��h��V�>�.ŭ^3"w�Оx�/55~�ɱL(V1�kEF(˲
FH̾�SNlۀPJ]HrCQzsf`O��*y�Oq���Aznzuuʹ
Xn��Qg�ѽAD?C��3��lE��f͘]w&%x^ȗ!c�o�;Lm�2X�1H1� u�61-d�tz$r�]~gƞ�fS(8:O$/]X��yϐ�R�?Rb\5�㠃Ռ[#|F WMPL\O�c�? `�nwjںm�ˎk)�
�GNFp)�N�<~=ڢ�uK�ğopm�.�;�+!0Ϊml�U|�l>cx 'wݽ��_0�U`'S�~,��V[���A:`0@��(_ k0��>EHˍ'_$%�\"dpl'�o`�cDl�.5
�-˴:u¹"UX�Lٍb
,���~:3&9qS�g _((U@Eq'˫@x
6s6�NAeҕhWn�Ql>Lo�%/#�ZD&+8~m=fu�+U�uӈrcd+�yf�:P�EX�tl'
A�k,^��reX�$P9N�]Tjã
$Wd
ԭ䅨<�?��_^&?c]'nJQƺi#mQaW:���
u�ywDwn^3QaW_���{z��wn}#\��81V`goz�/�[8K cd.
,�$(jVI�{{A0��&iE-ȣd`C�v�_Ȉ~ph;?�2�A� wVǰ��e7,s~�ȝkz�^4=�k}�X��� a�_E@�KI7`UĄ�&� L\J�nr�m�m�kJ��>d�a�Gj0Lt}�d9[\څt&�c�k��/�cYT~6�1 �fr"r*�_x�WI"cXM7�x@ljW3.rm+�R�Sq�|}9o.ݍ5{,sѓNC�RI>Sw�X��Yp�(z��3�ba'*n>�W�t;W�X�XqK'�?\u>]4@ђ�u:Wf���]�ŇxEg�
.A|>Ǩy6�=x�L��
�VUbq$7~E1�e=U.IEɗs[kvۙ�QLdlS��T4s�_hj�6J6]OXatά�>̬�q';�]h¦[HP�I�l#k�jY���(w*��
|
Network Security & Hardware 
