Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Users are being urged to use caution when handling PDF files following the discovery and subsequent attack of a flaw in Adobe software.
The company said that it had received reports of attacks targeting a previously unknown flaw in both Adobe Reader and Acrobat. When exploited, the flaw allows an attacker to remotely execute code on a targeted system.
The issue is believed to effect version nine and earlier of both Acrobat and Reader. According to security firm Shadowserver, the vulnerability exists in the way both programs handle JavaScript within PDF files.
The infected files trigger a memory buffer overflow, which in turn allows the attacker to remotely execute code on the targeted system.
"Right now we believe these files are only being used in a smaller set of targeted attacks," wrote researcher Steven Adair.
"However, these types of attacks are frequently the most damaging and it is only a matter of time before this exploit ends up in every exploit pack on the internet."
Adobe said that users should expect to see a fix for the vulnerability by March 11. In the meantime, researchers at both Shadowserver and the US Computer Emergency Response Team recommend that users disable the ability for documents to execute Javascript code in both Acrobat and Reader through the application's preference panel.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.