Adobe officials say they're investigating claims of a recent attack. A newly published report claims the latest versions of the widely used Reader document viewer are under attack by exploit code that targets a previously unknown vulnerability.
The particular exploit is available in underground forums for as much as $50,000. It's significant because it pierces a security sandbox that until now has proved impervious to other online attacks, KrebsonSecurity journalist Brian Krebs reported on Wednesday. The security mechanism is designed to minimize the damage of attacks that exploit buffer overflows and other types of software bugs by isolating Web content from sensitive parts of the underlying operating system.
The vulnerability affects both Reader X and its recently introduced successor, Reader XI. And it's already incorporated into a custom version of the Blackhole Exploit Kit according to Krebs. The reporter wrote the developer behind Blackhole said he is hoping to add the exploit to the main version of the kit soon. Criminal hackers fold Blackhole into already hacked websites to give them the ability to exploit a wide variety of vulnerabilities when end users visit the sites.
Read 3 remaining paragraphs | Comments
DIGITAL JUICE
No comments:
Post a Comment
Thank's!