Symantec: Zero-day PDF attack targets Flash vulnerability
Symantec researchers said on Wednesday that they have discovered attacks in the wild whereby malicious Acrobat PDF files exploit a Flash vulnerability, and drop a Trojan onto computers.
Thus far, the attacks have largely uses a poisoned PDF that, upon opening, installs malware on a victim PC. However, according to Marc Fossi - Symantec's Manager of Development - offenders might go after the causal Flash flaw using code on a Web page, which would allow a drive-by-download for targeting a zero-day flaw, which perhaps is the most perilous category of Internet attack.
Fossi said: "What we've seen suggests that it could be targeted from a Web page. So far PDFs are the only attack vector against this new flaw." The 'in the wild' attacks can potentially affect millions of users since in all popular browsers are equipped with Flash, which is essentially operating system-independent. In fact, as per Symantec, any software that makes use of Flash is at risk to the attack.
According to Paul Royal, principal researcher at Web security services provider Purewire, Adobe Reader is vulnerable to the aforesaid attacks because its Flash interpreter is vulnerable.
With Symantec having discovered only a limited number of attacks till now, Fossi said that though the company does not intend spreading "widespread panic" about the new risk, "but it is another reason to remain cautious."