Zero-day PDF Attack Goes After Flash Flaw

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

Adobe's unfortunate security problems continue: Symantec today reported that is has discovered a new attack in the wild using malicious PDFs that target a zero-day security hole in Adobe Flash.

Symantec says it has only found a limited number of attacks for the time being. The new risk "is not something we should be sowing widespread panic over," says Marc Fossi, manager of development with Symantec, "but it is another reason to remain cautious."

The attacks seen so far use a poisoned PDF that, when opened, will install malware on a victim PC. But according to Fossi, crooks may be able to target the underlying Flash flaw using code on a Web page, allowing for a drive-by-download that targets a zero-day flaw, arguably the most dangerous type of Internet attack.

"What we've seen suggests that it could be targeted from a [Web] page," Fossi says. Such attacks have thankfully not yet been seen, and so far PDFs are the only attack vector against this new flaw.

Symantec says it is in touch with Adobe's PSIRT team, which late last night put up a post saying it "is aware of a potential vulnerability in Adobe Reader and Acrobat 9.1.2 and Adobe Flash Player 9 and 10," but without any further details.

Symantec's post on the discovery provides much more detail on the nature of the attack, but the company doesn't yet know of any workaround or temporary fix to protect against this new flaw. One option may be to use an alternate PDF reader such as Foxit until an Adobe patch is available, but doing so wouldn't protect against a Web-based attack if the bad guys make that jump. Sending all PDF downloads or attachments to could also improve your chances of detecting a potential attack.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
Shop Tech Products at Amazon