From InfoWorld: A new zero day flaw in Windows XP and Server 2003 is being exploited in the wild to bypass the sandbox on unpatched versions of Adobe Reader, security firm FireEye has reported.
According to the firm's analysis, the vulnerability allows for a standard user running XP SP3 to elevate privileges to admin level, allowing a targeted attack on users running Reader versions 9.5.4, 10.1.6, 11.0.02 and before using a malicious PDF.
"An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights," said Microsoft in a separate advisory (2914486).
In other words, attackers hitting this flaw can beat Adobe's sandbox by routing their sneakiness via a lower-level call through the OS itself.
The issue has been designated CVE-2013-5065 and an out-of-band patch looks like a distinct possibility given its seriousness.
"Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs," said Microsoft's advisory, dropping a heavy hint that early action was likely.
View: Article @ Source Site
