Adobe Flaw Wasn't Part of Attack on Google
In a statement issued this afternoon, Verisign's iDefense security group said that it was retracting its earlier assessment. iDefense had stated that the delivered via e-mail to break into Google and other companies. The company had suggested that a vulnerability in Adobe Reader appeared to have been exploited in the attacks.
"Upon further review, we are retracting our initial assessment regarding the likely use of Adobe vulnerabilities," the company said. "There are currently no confirmed instances of a vulnerability in Adobe technologies being used in these attacks," the company said, adding that it is continuing to investigate the attacks.
Earlier this week, Google said that it had been attacked by cyber adversaries apparently operating out of China. Since the company's announcement, news has emerged of at least 34 other companies being targeted in similar attacks.
Though it was initially believed that the attackers used rigged PDFs to break into these companies, it was later revealed that the compromises had resulted from an unpatched vulnerability in Microsoft's Internet Explorer (IE) software . Microsoft has confirmed the flaw and issued a security advisory warning users about it.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld . Follow Jaikumar on Twitter at @jaivijayan , send e-mail to firstname.lastname@example.org or subscribe to Jaikumar's RSS feed .