By Alexandra Burlacu | Feb 22, 2013 09:40 AM EST
Adobe issued a critical update to users of its Reader and Acrobat software, patching a vulnerability that could allow hackers to take control of victims' computers.
The company recommends that all users of Adobe Reader and Acrobat XI and earlier apply the patch. The updates are designed for Windows, Macintosh and Linux users, for versions 11.0.01, 10.1.5, 9.x and earlier versions of Adobe's software. The updates address vulnerabilities that could cause a crash or potentially allow attackers to take control of affected systems.
The Adobe Reader update for Windows is available here, while Mac users can grab it at this link and Linux users can find it here. Adobe Acrobat Standard, Pro and Pro Extended users on Windows can find the update at this link, while Acrobat Pro users on Macintosh can get it here. Adobe further notes that automatic updates are enabled by default, but users can also manually check for an update by clicking Help > Check for updates.
The updates patch two vulnerabilities: CVE-2013-0640 and CVE-2013-0641. According to Adobe, targeted attacks are exploiting both vulnerabilities in attempts to trick Windows users into clicking on a malicious PDF file delivered by email. The vulnerabilities impact Windows and Mac users alike.
"Adobe recommends users apply the updates for their product installations," cautions the company. Adobe labeled the vulnerabilities as critical. The update follows a warning last week from security company FireEye, which discovered that attackers were launching malicious PDFs at Windows users in a zero-day attack. The exploit is reportedly the first to bypass the sandbox technology Adobe uses in its software. According to FireEye, a successful exploit could deploy two Dynamic Link Library (DLL) files.
When a user opens the attachment, the embedded malware downloads two DLL files. One of those files displays a fake error message and opens a PDF document, while the other installs "callback" software onto the infected computer. Once installed, the malware calls back to a remote server.
Adobe Reader and Adobe Acrobat users should update immediately, or at least activate Protected View. Activating this option may affect the number of options available in the software (no more printing, for instance), but it will prevent attacks from executing malicious code from within the documents.
If for some reason users cannot install the updates, they can turn on Protected View by clicking Edit > Preferences > Security (Enhanced) and checking the box next to "Files from potentially unsafe locations." Users can also check the "All Files" option.
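Administrators who need to confirm the Protected View setting across machines can read it from the registry instead of opening the preferences dialog. The script below is an added example, not from Adobe or the original article; the registry path, the `iProtectedView` value name, its 0/1/2 meanings and the version keys checked are assumptions to verify against Adobe's preference documentation for the installed version.

```powershell
# Added example: report the Protected View setting for the current Windows user.
# Assumption: Reader/Acrobat keep the preference as the DWORD iProtectedView under
# HKCU:\Software\Adobe\<product>\<version>\TrustManager
#   0 = off, 1 = files from potentially unsafe locations, 2 = all files
$products = 'Acrobat Reader', 'Adobe Acrobat'   # product key names (assumed)
$versions = '10.0', '11.0'                      # version keys to check (assumed)
$meaning  = @{
    0 = 'Off'
    1 = 'Files from potentially unsafe locations'
    2 = 'All files'
}

function Get-ProtectedViewState {
    param([string]$Product, [string]$Version)

    $key = "HKCU:\Software\Adobe\$Product\$Version\TrustManager"
    if (-not (Test-Path $key)) { return $null }  # no preferences for this product/version

    $value = (Get-ItemProperty -Path $key -Name iProtectedView `
              -ErrorAction SilentlyContinue).iProtectedView
    if ($null -eq $value) { $value = 0 }         # value absent: treated as off (assumption)

    [pscustomobject]@{
        Product   = $Product
        Version   = $Version
        Value     = [int]$value
        Setting   = $meaning[[int]$value]
        Protected = ([int]$value -ge 1)
    }
}

# Collect one row per product/version that has preferences for this user.
$report = foreach ($p in $products) {
    foreach ($v in $versions) { Get-ProtectedViewState -Product $p -Version $v }
}

if (-not $report) {
    Write-Output 'No Adobe Reader or Acrobat preferences found for this user.'
} else {
    $report | Format-Table -AutoSize
    $off = @($report | Where-Object { -not $_.Protected })
    if ($off.Count -gt 0) {
        Write-Warning "$($off.Count) installation(s) have Protected View turned off."
    }
}
```

The setting is per user, so on shared machines the script has to run in each user's session to give a complete picture.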
© 2013 Mobile & Apps All rights reserved. Do not reproduce without permission.