Skip to main content
  1. Home
  2. Computing
  3. Web
  4. Legacy Archives

Adobe Acrobat and Reader under attack with a zero-day exploit

Add as a preferred source on Google

Adobe LogoAdobe identified a critical vulnerability in Adobe Acrobat and Reader on Tuesday, but said today that attackers were already exploiting this bug. All versions of Acrobat and Reader 8 and 9 for Windows, Macintosh, and Unix are open to attack. Even the latest versions, 8.2.4 and 9.3.4 are not safe. Other PDF reading alternatives, such as Foxit Reader, are not affected.

Masquerading as a harmless PDF file, this exploit has malformed font and image files. Spreading as an e-mail attachment to innocent-sounding emails, the PDF saves and runs an executable file to disk when it’s opened. A variation of the email offers tips on ways to improve your golf game. Security firm Trend Micro spotted a variation with a Trojan, TROJ_PIDIEF.WM, that downloaded two other Trojans called TROJ_DLOADR.WM and TROJ_CHIFRAX.BU.

Recommended Videos

This vulnerability bypasses Windows 7’s vaunted security measures. The executable file that gets saved carries a valid digital signature, so Windows 7 allows the operation. Because a valid signature pretty much tells Windows 7 that it’s a safe file, this executable is free to download more malicious code from a server at academyhouse.us. According to Kaspersky Lab, the file appears to be form Vantage Credit Union in St. Louis. It also piggybacks on loopholes created by applications that haven’t included Windows 7’s ASLR security technology in their own code.

Adobe “is in the process of evaluating the schedule for an update to resolve this vulnerability,” and hasn’t announced any fixes or patches. The regularly scheduled patch date is Oct. 13, but an emergency patch is not out of the question.

There are reports that turning off JavaScript in Adobe Reader stops the PDF file from executing. This is only a temporary measure, as attackers can tweak the exploit to issue variations that are immune to disabling JavaScript.

Fahmida Y. Rashid
Former Digital Trends Contributor
macOS clipboard app Maccy has a fake out there stealing passwords
PamStealer malware is disguising itself as Maccy to target Mac users
Depicting of the Maccy clipboard app for macOS on a laptop with letters inb the background.

A fake version of Maccy, a popular clipboard manager for macOS, is being used to deliver a newly discovered Mac malware strain called PamStealer. Researchers at Jamf say the malware impersonates the real open-source app, but its actual purpose is to steal data and capture a victim’s login password.

PamStealer arrives as a disk image containing an AppleScript file that impersonates Maccy. Once the user opens that file, macOS launches it in Script Editor, where the on-screen instructions tell them to press Command-R. To someone expecting a normal app installer, that may look like an odd setup step. In reality, that action runs hidden malware code and starts the attack.

Read more
A new technology teaching drones to feel pain could stop your self-driving car from harming itself
Drones first, autonomous cars next. A pain-sensing system that detects failure before it happens has real stakes for self-driving vehicles.
Transportation, Vehicle, Car

When you sprain your ankle in the middle of a run, your body sends a pain signal to your brain, forcing you to stop. Essentially, the ability to sense pain stops you from pushing through the injury and causing further self-harm.

Researchers at Delft University of Technology and Wageningen University have applied this exact concept to drones, giving them a digital equivalent of a nervous system that recognizes a faulty part and triggers a pain-like warning signal. What's even more interesting is that the technology could find use in self-driving cars.

Read more
Claude Fable 5 is leaving subscriptions, but maybe not for good
High demand is pushing Claude Fable 5 out of subscriptions for now
Claude Fable 5 and Claude Mythos 5 Official Render

Anthropic’s most advanced publicly available Claude model is still leaving standard subscription access after July 7, but the company is now trying to calm fears that the move is permanent.

Fable 5 recently returned to Claude after drawing scrutiny from the U.S. government. Anthropic said it would be included on Pro, Max, Team, and select Enterprise plans for up to 50% of weekly usage limits through July 7. After that date, the model is set to move to usage-credit billing, meaning users will pay for access outside their regular plan limits.

Read more