Symantec today warned about a new, zero-day vulnerability in Adobe Reader that attackers are going after with poisoned .pdf e-mail attachments.
The assaults target a zero-day flaw in Adobe’s program, which means there isn’t yet any patch available. According to Symantec, the attacks currently focus on “high-ranking people within different organizations,” and though the company isn’t directly confirming the method, the announcement appears to describe an attack that uses a .pdf e-mail attachment. Symantec did say “the simplest way to spread this threat is to send it as an e-mail attachment.”
I expect that as a targeted attack using a zero-day, the e-mails in question would be convincing and well-crafted. If the attack is successful, it will install a Trojan onto the victim machine. The malware is capable of giving remote-control access to the attackers, Symantec says, and the end goal may be the theft of corporate documents.
I’d guess this current attack is purposely small scale so that the e-mailed attacks have a better chance of evading antivirus protection, but it may be more widespread. And it’s especially dangerous if you do happen to get targeted, so keep an eye out. And I’ll update this post if Symantec provides any examples of attack e-mails.