Adobe Programs are Vulnerable to Trojan Attacks Says Trend Micro
Tuesday, March 17, 2009 4:51Adobe Programs are Vulnerable to Trojan Attacks Says Trend Micro
Trend Micro, an international content security provider, has warned users against a buffer overflow vulnerability in versions 9.0.0 and earlier of the Adobe Acrobat family of applications.
The vulnerability, which Trend Micro (News – Alert) Security Advisory rated as critical, may cause the program to crash, as well as allow a remote user to execute malicious code on an affected system.
The code exploits the vulnerability in a non-JavaScript function call; however, Trend Micro noted that it can also use JavaScript to execute malicious code. By disabling JavaScript, users may prevent code execution, but not crashes of Adobe Acrobat/Reader, the company said.
Affected programs include Adobe Acrobat Pro 9.0.0 and earlier versions, Adobe Acrobat Pro Extended 9.0.0 and earlier versions, Adobe Acrobat Standard 9.0.0 and earlier versions and Adobe Reader 9.0.0 and earlier versions, said a security bulletin from Adobe.
The malware affecting these programs include TROJ_PIDIEF.IN, TROJ_PIDIEF.IP, TROJ_PIDIEF.KO and TROJ_PIDIEF.JB, Trend Micro noted.
Trend Micro explains the process: “For example, the Trojan TROJ_PIDIEF.IN takes advantage of Adobe Vulnerability CVE-2009-0658 – an array indexing error when processing a malformed JBIG2 stream within a PDF document. It could allow attackers to cause a vulnerable application to crash or execute arbitrary code by tricking a user into opening a specially-crafted PDF file.”
Since Acrobat programs are integrated seamlessly with popular Web browsers, attackers can make an easy entry to a user system through a seemingly safe PDF file on a Web site, warns Trend Micro. The attacker convinces gullible users of the (fake) authenticity of this specially crafted Adobe Portable Document Format (PDF) file and coaxes them into opening it.
Trend Micro advises people to refrain from using these programs until Adobe includes appropriate patches for them. Adobe has already recommended users of Adobe Reader and Acrobat 9 to update to the latest versions Adobe Reader 9.1 and Acrobat 9.1 respectively.
Source: it.tmcnet.com
