On December 15, 2009, critical zero-day vulnerability in Adobe Reader and Adobe Acrobat was announced with the exploit code. Taking advantage of this flaw, Hacker may create a .pdf file containing the exploit code on a website, tricking users to click on the link to the file. The malicious code will then be executed and hacker gain control over the computer.

Adobe’s pdf files processing softwares contain Javascript processing modules. The newly found flaw lies in these modules. Specifically, when the newplayer function is not properly processed, software will crash. Taking advantage of the Javascript and software crash, Hacker can easily insert malicious code using Heapspray technique. Below is the exploit code analyzed by Bkis’ experts:

 pdf newplayer

The exploit code in pdf file

In the meantime, the pdf file containing malicious code to exploit this flaw has become available. Additionally, Adode has officially acknowledged this critical vulnerability, but they cannot issue the patch yet. Thus, Bkis recommends users to be cautious with unknown links or email attachments.:

Besides, until Adobe releases the official patch, users are recommended to disable Javascript processing feature following these steps: Edit >> References >> Javascript >> Enable Javascript.

Leave a Reply

Name (required)
Mail (hidden) (required)
Text to Identify

Popup Date Time Portlet

Blogs Aggregator

Recent Posts

Blog Category Portlet


Store Portlet


Vote Baby Portlet