The folks over at FireEye discovered a new 0-day vulnerability in Adobe Reader, a vulnerability that’s already being exploited by attackers. By tricking users into opening a malicious PDF files, attackers could potentially open a connection between the user’s machine and their own.
Adobe Reader is everywhere. That’s why it’s such a high profile target for attackers. Look at it from a business perspective. If an attacker is going to invest time and resources in finding software vulnerabilities, as well as the risks that come with creating and distributing malware, it makes good business sense to make sure you’re getting the most bang for your buck. The more systems that a piece of software is installed on, the greater your chances of success.
Keep in mind that no software vendor is immune. All software is vulnerable. The real question is, how vulnerable? In 2012, four (4) code execution vulnerabilities were discovered in Adobe Reader. By comparison, only one (1) code execution vulnerability was discovered in Foxit PDF Reader. When we start to examine the number of vulnerabilities in comparable products, as well as the length of time between “vulnerability discovered” and “patch released,” the numbers don’t lie.
Systems running Adobe Reader are more exposed to compromise than systems running an alternative PDF reader, (like Foxit).
Regardless of whether you choose to stick with Adobe or switch to Foxit, you still need to be careful online. At a bare minimum, always follow these three (3) basic security practices:
- Don’t open email attachments from people you don’t know
- Don’t click on links unless you’re sure they’re safe
- Keep your desktop software up-to-date
Stay safe out there!