Attack code targets unpatched Adobe Reader flaw

An anonymous security researcher has published a proof of concept exploit for a known vulnerability in Adobe Reader, Adobe's PDF reader.

A user by the name of Cyanid-E unveiled his creation in a posting to the Full Disclosure security mailing list on Tuesday. The vulnerability has been confirmed on a fully patched Windows XP system running Adobe Acrobat Reader 8.1 and Internet Explorer 7.

The Gnucitizen blog published details about the vulnerability late September. The blog didn't post proof of concept code at the time because it expected that Adobe would be slow to respond. Proof of concept code can easily be turned into live attack code. The publication of code therefore could put users at risk.

The proof of concept demonstrates the exploit by opening the calculator application when users open a specially crafted PDF file. Although the code is harmless, criminals could easily change the code to have it install malware or recruit a system into a botnet.

Adobe acknowledged the flaw earlier this month and published a workaround that protects users.

A spokesperson for Adobe told vnunet.com that the company is aware of the proof of concept. The company preparing to release an update within the next two weeks.

Adobe recommends that users implement the workaround and use extreme caution when they viewing and downloading "unsolicited communications".