Users of Adobe PDF Reader should check they are running the latest version of the software after the discovery of an exploit
that takes advantage of a serious flaw patched only three weeks ago.
According to Microsoft’s Threat Research and Response blog, its researchers have discovered a circulating PDF-based attack that hooks into the publicised flaw, CVE-2010-0188, to download a Trojan backdoor capable
of taking control of the affected system.
The warning relates mainly to Adobe Acrobat and Reader up to 9.3.0 for Windows, Apple and Unix. older versions of Acrobat
and Reader, 8.2.0 (used by anyone unable to update to 9.3.x), are also affected on Windows and Apple and should be patched
Anyone running the latest version of Acrobat or Reader, 9.3.1, is immune to the issue which was patched with unusual haste
on by Adobe on 16 February. By reacting so quickly, Adobe seems to have learned the lessons of the last year when it tended
to patch only in regular cycles, which often left users exposed to emerging exploits for inconvenient periods to time. It
also issued the patch as an automatic update – activated without user intervention – rather than rely on the manual update
The concern is that the recent date of the update makes it likely that a large number of users will still be running older
and vulnerable versions of the software. How quickly the 9.3.1 version is pushed to desktops will depend on the system in
question and which version it uses as ‘current’.
Acrobat/Reader software, on which the attack discovered by Microsoft depends.
Ironically, in the same week the Acrobat/Reader vulnerability was patched, Adobe also had to issue a separate update for Download Manager, a utility used to manage direct downloads from the company’s website.