Adobe Zero-Day Exploit
Written by DarkKnightH20 on Sunday, 11 October 2009 02:15. Last updated on Sunday, 29 November 2009 09:53.
I’m a little late posting this, but the information is still important. Users should patch their system(s) as soon as they can.
“Based on our findings, the shellcode (that was heap sprayed) jumps to another shellcode inside the .PDF file. The said shellcode then extracts and executes a malicious file detected by Trend Micro as BKDR_PROTUX.BD. The said backdoor is also embedded in the .PDF file and not the usual file downloaded from the Web. Protux variants are known for their ability to provide unrestricted user-level access to a malicious user. Earlier variants of the Protux backdoor were seen to have been used as payload in previous attacks exploiting vulnerabilities in Microsoft Office files.
1. Run Acrobat or Adobe Reader.
2. Go to Edit > Preferences.
5. Click OK.
Users are also advised to patch their systems as soon as Adobe releases the security patch. Trend Micro protects users with the Smart Protection Network by detecting the said exploit.”
Source: Trend Micro
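
Because the quoted analysis says the backdoor travels inside the .PDF itself rather than being downloaded, a mail or file gateway can triage documents for an embedded Windows executable. The sketch below is an added example, not code from Trend Micro or from this post; `find_pe`, `triage_pdf` and `build_sample` are hypothetical names, and it assumes the executable is stored as-is or only Flate-compressed, which the post does not state (an encoded payload would not be found this way).

```python
import re
import struct
import zlib

STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\n?endstream", re.DOTALL)
# Name tokens that indicate script or auto-run actions; a triage signal only.
ACTIVE_NAMES = (b"/JavaScript", b"/JS", b"/OpenAction")


def find_pe(data):
    """Return offsets of MZ headers whose e_lfanew field points at a PE signature."""
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            # The 0x1000 upper bound is a heuristic to reject random "MZ" bytes.
            if 0x40 <= e_lfanew < 0x1000 and data[sig:sig + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits


def triage_pdf(raw):
    """Report active-content names and PE images found in a PDF's bytes."""
    report = {"active_names": [n.decode() for n in ACTIVE_NAMES if n in raw],
              "pe_in_raw": find_pe(raw), "pe_in_streams": []}
    for index, match in enumerate(STREAM_RE.finditer(raw)):
        body = match.group(1)
        try:
            body = zlib.decompressobj().decompress(body)  # tolerates truncation
        except zlib.error:
            pass  # not Flate-compressed: inspect the bytes as stored
        offsets = find_pe(body)
        if offsets:
            report["pe_in_streams"].append((index, offsets))
    return report


def build_sample():
    """Constructed, inert sample: a stub MZ/PE header inside a Flate stream."""
    stub = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0" + b"\0" * 16
    return (b"%PDF-1.4\n1 0 obj\n<< /OpenAction 2 0 R >>\nendobj\n"
            b"2 0 obj\n<< /S /JavaScript /JS () >>\nendobj\n"
            b"3 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
            + zlib.compress(stub) + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    print(triage_pdf(build_sample()))
```

A hit in `pe_in_streams` with an empty `pe_in_raw` means the executable was only visible after inflating the stream, which is why a plain byte search of the file is not enough.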