Hackers start exploiting new Adobe Reader zero-day flaw
A new zero-day vulnerability has been discovered in Adobe's Acrobat Reader software, with at least one computer security firm already noting a rise in attempts to exploit the bug.
Sophos said a patch from Adobe is due December 12, although Adobe may not fix the flaw in Reader X until January 10, 2012.
"Why the delay for Reader X? Adobe's Brad Arkin explained in a blog post that the 'Protected Mode' sandbox functionality introduced in Reader X prevents the exploit from successfully infecting Windows PCs," Sophos said in a blog post.
But Sophos also noted it has started seeing "a small number of targeted samples" of attackers trying to use this vulnerability (CVE-2011-2462/APSA11-04).
It said the emails "are well crafted and look very believable."
One sample appeared to come from Barclay's bank in New York City.
Similar emails have been seen in the wild pretending to be from other reputable organizations, it noted.
"If the attachment is opened in Adobe Reader 9 or earlier it drops three files d3d8caps.dat, AcrA2CA.tmp and dump.exe," Sophos said.
Dump.exe is a downloader that attempts to retrieve a further payload, it added.
Sophos said its software detects the malware as Mal/Dotter-A. — TJD, GMA News