Russian security firm claims zero-day attack overcomes Adobe Reader’s defense
According to a recent disclosure by Russian security firm Group-IB, the newest sandboxed versions of Adobe Reader are apparently vulnerable to a zero day which has been bundled with an edition of the notorious Blackhole exploit kit.
With Blackhole exploit kit characteristically linked to Trojan attacks on banking customers, Group-IB said that the Adobe sandboxing protections – which the company has put in place for its Reader products released 2010 onwards – are trounced by an exploit which makes use of a zero-day vulnerability that affects Adobe Reader X and XI.
Releasing a YouTube video to demonstrate how the exploit works, Group-IB said that the zero day packaged with the Blackhole exploit kit is being sold in “small circles of the underground” for an amount ranging from US$30,000 to US$50,000.
Though Group-IB announced its find as well as the You Tube video before warning Adobe about the flaw, the security firm did not provide any detailed information about the exploit’s capability in overcoming Adobe’s sandboxed “Protected Mode”, which is the Reader’s defense against exploits.
Noting that Adobe itself was unaware of the details about the claimed vulnerability on Wednesday, Adobe spokesperson Wiebke Lips said that though Adobe has seen Group-IB’s claims, it is yet to receive the details from the security firm.
Lips further added: “Without additional details, there is nothing we can do, unfortunately—beyond continuing to monitor the threat landscape and working with our partners in the security community, as always.”