{"id":642200,"date":"2013-02-13T12:30:27","date_gmt":"2013-02-13T17:30:27","guid":{"rendered":"http:\/\/www.webpronews.com\/?p=216582"},"modified":"2013-02-13T12:30:27","modified_gmt":"2013-02-13T17:30:27","slug":"adobe-pdf-reader-hit-by-zero-day-exploit","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/642200","title":{"rendered":"Adobe PDF Reader Hit By Zero-Day Exploit"},"content":{"rendered":"<p><a href=\"http:\/\/www.webpronews.com\/update-flash-now-abobe-just-patched-two-security-holes-2013-02\">Adobe Flash<\/a> was recently hit by two zero-day exploits that the company quickly worked to patch up. Now one of Adobe&#8217;s other popular Web plugins &#8211; Reader &#8211; has been hit. <\/p>\n<p>Computer security company <a href=\"http:\/\/blog.fireeye.com\/research\/2013\/02\/in-turn-its-pdf-time.html\">FireEye<\/a> found yesterday that Adobe Reader was hit by a zero-day exploit. The exploit is currently found in the latest Adobe Reader versions &#8211; 9.5.3, 10.1.5 and 11.0.1. Here&#8217;s what the exploit does: <\/p>\n<blockquote>\n<p><em>Upon successful exploitation, it will drop two DLLs. The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the callback component, which talks to a remote domain.<\/em><\/p>\n<\/blockquote>\n<p>FireEye has alerted Adobe to the threat, and the company is <a href=\"http:\/\/blogs.adobe.com\/psirt\/2013\/02\/adobe-reader-and-acrobat-vulnerability-report.html\">now investigating the report<\/a>. It will have an update on what actions it plans to take soon. <\/p>\n<p>Instead of waiting for Adobe to act, you should probably switch to a different PDF reader. There are numerous <a href=\"http:\/\/opensourcecollection.blogspot.com\/2011\/01\/non-adobe-pdf-readers.html\">free, open-source PDF readers<\/a> that do a marvelous job without relying on a Web browser plugin that can be exploited to insert malware onto your system. <\/p>\n<p>The Firefox 19 Beta is also testing out a <a href=\"http:\/\/www.webpronews.com\/mozilla-kills-the-pdf-plugin-in-firefox-19-2013-01\">new native HTML5 PDF reader<\/a> plugin that would be far more secure than traditional plugins. It&#8217;s only a matter of time before the HTML5-friendly Chrome follows suit with its own. <\/p>\n<p>[h\/t: <a href=\"http:\/\/thenextweb.com\/apps\/2013\/02\/13\/new-vulnerability-in-latest-versions-of-adobe-reader-is-being-exploited-in-the-wild-use-another-pdf-reader\">The Next Web<\/a>]<\/p>\n<div class=\"feedflare\">\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?a=ZQmOdB0Dku0:47HPNvMlwC4:yIl2AUoC8zA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?d=yIl2AUoC8zA\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?a=ZQmOdB0Dku0:47HPNvMlwC4:wF9xT3WuBAs\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?i=ZQmOdB0Dku0:47HPNvMlwC4:wF9xT3WuBAs\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?a=ZQmOdB0Dku0:47HPNvMlwC4:7Q72WNTAKBA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?d=7Q72WNTAKBA\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?a=ZQmOdB0Dku0:47HPNvMlwC4:V_sGLiPBpWU\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?i=ZQmOdB0Dku0:47HPNvMlwC4:V_sGLiPBpWU\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?a=ZQmOdB0Dku0:47HPNvMlwC4:qj6IDK7rITs\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?d=qj6IDK7rITs\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?a=ZQmOdB0Dku0:47HPNvMlwC4:mfZ73u_VV2s\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/webpronews\/all?i=ZQmOdB0Dku0:47HPNvMlwC4:mfZ73u_VV2s\" border=\"0\"><\/img><\/a>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/webpronews\/all\/~4\/ZQmOdB0Dku0\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Adobe Flash was recently hit by two zero-day exploits that the company quickly worked to patch up. Now one of Adobe&#8217;s other popular Web plugins &#8211; Reader &#8211; has been hit. Computer security company FireEye found yesterday that Adobe Reader was hit by a zero-day exploit. The exploit is currently found in the latest Adobe [&hellip;]<\/p>\n","protected":false},"author":7358,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-642200","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/642200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/7358"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=642200"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/642200\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=642200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=642200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=642200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}