Newest Adobe zero-day PDF exploit bypasses two Microsoft defenses

From InfoWorld: The exploit for a critical unpatched bug in Adobe Reader that's now circulating is "clever" and "impressive," security researchers said this week.

First uncovered on Tuesday by Washington-based researcher Mila Parkour, attackers are using rigged PDF documents that include code to exploit a zero-day vulnerability in the widely used Reader PDF viewer as well as in Acrobat, Adobe's PDF creation software.

The sophisticated exploit bypasses two important defenses that Microsoft erected to protect Windows, ASLR (address space layout randomization) and DEP (date execution prevention), researchers have confirmed.

"It's pretty clever," said Chet Wisniewski, a senior security adviser with software security firm Sophos. "It circumvents protections like ASLR and DEP. Its techniques are certainly out of the ordinary and a lot more sophisticated than the garden variety [PDF] exploit."

The attack, which has been spotted attached to emails touting renowned golf coach and author David Leadbetter, also includes a malicious file that's digitally signed with a valid signature from Missouri-based Vantage Credit Union.

View: Article @ Source Site