Remember how I reported back in August that the current versions of Adobe Reader contained numerous security holes?
A couple of researchers at Google were testing the Adobe Reader Chrome plugin for stability and security, and out of curiosity they expanded their tests to include the Windows, OS X, and Linux versions of Adobe Reader. They found dozens of issues, some of which Adobe neglected to fix and some of which were serious.
It turns out that those researchers missed at least one of the security issues in Adobe Reader, but don’t worry. Other hackers have identified the flaw and are selling it on the criminal underground as we speak.
Krebs on Security reported on this yesterday. One forensics firm in Russia, Group-IB, identified the flaw in the latest versions of Adobe Reader. According to their tests, there is a way for a hacked website to exploit the Adobe Reader plugin for web browsers and gain access to the target computer. This would enable a hacker to remotely access the info on the computer as well as run their own software.
The exploit was demonstrated on IE6, but it reportedly works with other web browsers running on Windows. Luckily, it also has some limitations. For example, it cannot be fully executed until the user closes the web browser (or Adobe Reader).
Right now the exploit is being sold at a high price to a small group of criminals and malcontents, but that should change shortly. The hacker who developed the Blackhole Exploit Kit, the most widely used toolkit for attacking users via hacked websites, is interested in including this latest exploit in the Kit.
If and when that happens, security experts think this will grow to be a serious issue, so now might be a good time to uninstall the Adobe Reader plugin in your web browser and replace it with something else.
image by devdsp