- These vulnerabilities affect: Reader X (and Acrobat) 22.214.171.124 and earlier running on all platforms
- How an attacker exploits them: By tricking you into opening malicious PDF documents (or by visiting web sites hosting such documents)
- Impact: In the worst case, an attacker can execute code on your computer with your privileges. If you are an administrator, they gain complete control
- What to do: Install the appropriate Reader update immediately, or let Adobe’s updater do it for you.
Adobe Reader helps you view PDF documents, while Acrobat helps you create them. Since PDF documents are very popular, most users install Reader to handle them.
Last week, Adobe released a security bulletin fixing two zero day vulnerabilities in the popular Reader program. We first described these zero day vulnerabilities in a WatchGuard Security Week in Review episode earlier in the month. Though the two flaws may differ technically, they share the same general scope and impact. If an attacker can entice you into opening a specially crafted PDF file, he can exploit either of these issues to execute code on your computer, with your privileges. If you have root or system administrator privileges, the attacker gains complete control of your machine.
Since attackers are exploiting these flaws in the wild, Adobe has assigned them a Priority 1 rating; especially against Windows and Mac computers. We recommend you patch immediately, if you haven’t already
Adobe has released Reader and Acrobat updates. We recommend you download and deploy the corresponding update immediately, or let Adobe’s automatic updater do it for you.
- Adobe Reader X 11.0.2
- Adobe Acrobat X 11.0.2
- Adobe Reader 9.5.4 for Linux
For All WatchGuard Users:
Attackers can exploit these flaws using diverse exploitation methods. Though our IPS and AV services may help prevent some of these attacks, or the malware they try to load, installing Adobe’s updates is your most secure course of action.
Adobe has released patches correcting these issues.
- Adobe Security Update APSB13-07
This alert was researched and written by Corey Nachreiner, CISSP (@SecAdept).
Leave a Reply