Adobe has urged us to exercise caution when handling PDF files following the discovery of, and subsequent attacks on, a flaw in Adobe software.
The company said in a Security Bulletin that it had received reports of attacks targeting a previously unknown flaw in Adobe Reader and Acrobat. When exploited, the flaw allows an attacker to remotely execute code on a targeted system.
The infected files trigger a memory buffer overflow, which in turn allows the attacker to remotely execute code on the targeted system.
“Right now we believe these files are only being used in a smaller set of targeted attacks,” wrote Shadowserver researcher Steven Adair. “However, these types of attacks are frequently the most damaging, and it is only a matter of time before this exploit ends up in every exploit pack on the internet.”