Adobe Warns of Zero-Day Vulnerability

Attacks on Adobe Reader 9 exploit hole in compression file format.

Adobe is warning of a new problem for users running Adobe Reader on Windows systems.  The vulnerability could allow attackers to hijack their hardware.

Adobe calls it the "U3D memory corruption vulnerability" by Adobe.  It could cause a system to crash and give hackers unrestricted access. The exploit takes advantage of a hole in the universal 3D compression file format. Other vendors, such as HP and Intel, use the same file format, but there are no reports of the vulnerability being found in non-Adobe software.

Adobe warned that the "vulnerability is being actively exploited in the wild in limited, targeted attacks against Adobe Reader 9.x on Windows." The targets have included U.S. aerospace and defense contractor Lockheed Martin and MITRE, which manages many U.S. research centers, and others.

A patch is currently being worked on to fix the vulnerability found in Adobe Reader 9.x versions, and release is expected no later than Monday, Dec. 12, according to a security advisory issued yesterday. Fixing both Adobe Reader X and Acrobat X is considered to be a lower priority task for Adobe compared with fixing earlier versions of Reader.

"Because Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X and Acrobat X for Windows with the next quarterly security update for Adobe Reader and Acrobat, currently scheduled for January 10, 2012," wrote Wendy Poland, member of the Adobe Product Security Incident Response Team, in a blog post.

The risk is also less for Macintosh and UNIX systems, so a fix will also wait until the next quarterly update.

In the mean time, Brad Arkin, senior director of Product Security and Privacy for Adobe, says that to be 100 percent certain your system is safe, update your older versions of Reader and Acrobat to X.

"We put a tremendous amount of work into securing Adobe Reader and Acrobat X, and, to date, there has not been a single piece of malware identified that is effective against a version X install," wrote Arkin in a blog post. "Help us help you by running the latest version of the software!"

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.