Adobe flaw has been used in attacks since early January

Security vendor SourceFire says that a new Adobe 0day attack has been around since January 9.

A dangerous and unpatched vulnerability in Adobe's PDF-reading software has been around a lot longer than previously realized.

The bug, first reported late last week, has caused concern because it is easy to exploit and it is not expected to be patched by Adobe for several weeks. Symantec told Adobe about the flaw, which lies in the Acrobat and Reader software, on Feb. 12, but on Monday security vendor Sourcefire said that an analysis of its database of malicious software shows that attackers have actually been using the attack for more than six weeks.

Sourcefire has found samples dating back to Jan. 9, said Matt Watchinski, Sourcefire's senior director of vulnerability research.

To date, the bug has been used in small-scale attacks against specially targeted individuals. Symantec says it has tracked only 100 attacks, but attacks have been increasing as attack code that exploits the flaw has been made public. The bug affects both Mac and Windows users.

Sourcefire posted an analysis of the flaw on its Web site Monday, which a hacker named k`sOSe credited with helping him write a public proof of concept attack that exploits the bug.

"We're starting to see more exploit code show up," Andre DiMino, cofounder of The Shadowserver Foundation, the organization that first reported the flaw last Thursday.

"This developed legs last week," he added in an instant message interview. "I think our blogging the vulnerability and Sourcefire blogging the exploit details got it going."

The vulnerability lies in the way that Adobe opens files that have been formatted using the JBIG data compression algorithm. Adobe says it plans to patch the bug by March 11, but in the meantime Sourcefire has also released an unsupported patch that fixes the issue.

Security experts say that users can also mitigate the attack by disabling JavaScript within their Adobe software, but this could break corporate applications that rely on the scripting software.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags adobesecurity patchexploits and vulnerabilities

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Essentials

Brother MFC-L3745CDW Colour Laser Multifunction

Learn more >

Mobile

Exec

Budget

Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?