PDF flaw actively targeted

Adobe has once again been the focus on line criminal activity after a new vulnerability in the PDF format emerged.

Although the security flaw is due to be patched in an update set for imminent release, experts have reported that it has already been exploited by hackers in order to seize control of an infected machine after initiating a system crash.

It was half way through December 2009 that the vulnerability was first discovered, although Adobe decided to withhold a software update until the scheduled release date, leaving millions of users around the world potentially at risk.

Brad Arkin, who is head of security at Adobe, said that to release a patch earlier would have compromised the timing of the imminent security update, which Adobe releases every three months.

The threat is widely believed to have become a reality amongst members of the data protection industry, with a blog post on a mainstream vendor’s website claiming to have found examples of a modified PDF file allowing hackers to compromise the host’s PC online. The flaw affects both the Adobe Acrobat and Reader programs.

When the malicious PDF is executed it will dump a file named BKDR_POISON.UC onto the host computer. This file will then open up Internet Explorer, access a third party website controlled by the hackers and allow them to modify the infected PC in any way that they may choose.

Although it has decided to hold back the release of a patch addressing this problem to coincide with other essential security updates, Adobe has given its customers a means by which to work around the problem until the fix arrives. Users are being told to disable JavaScript when using Reader, although for some this may not be a particularly convenient solution.

The logistical problems of patching security vulnerabilities are approached in various ways by different companies. Adobe’s approach is not entirely unusual, or indeed deserving of excessive criticism, as the flaw had been discovered but not exploited on a large scale. In the face of serious problems, the firm may well have reacted more swiftly.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal