Adobe has confirmed reports that yet another unpatched vulnerability in the latest versions of its ubiquitous software is being actively exploited to infect end users with data-stealing malware.
The vulnerability exists in Adobe's Reader document viewer and Flash Media Player for Windows, OS X and Unix operating systems, Adobe warned on Thursday.
According to independent researchers, it is being exploited in the wild against Reader for Windows to install a nasty trojan known as Wisp, which according to Microsoft, steals sensitive user data and installs a backdoor on compromised systems.
The vulnerability itself resides in Adobe's Flash Player, which is available as stand alone software and is also embedded into Reader.
According to researcher Mila Parkour of the Contagio Malware Dump blog, poisoned PDF documents are circulating that drop two malicious binaries onto Windows machines that open the document files. [Date: 28 October 2010; Source: http://www.theregister.co.uk/2010/10/28/adobe_reader_critical_vuln/]
No comments:
Post a Comment