Adobe reviews report of another security bug in its software

Wed Feb 13, 2013 5:06pm EST
 

By Jim Finkle

BOSTON (Reuters) - Adobe Systems Inc is investigating a report by a cybersecurity firm that hackers exploited previously unknown bugs in its Reader and Acrobat software to launch sophisticated attacks on personal computers.

FireEye, a Silicon Valley company that helps businesses fight cyber attacks, told Reuters it obtained so-called PDF files tainted with malicious software, which can take advantage of the newly discovered bugs.

It declined to identify any victims of the attacks.

A spokeswoman for Adobe said that the company is investigating the report, which surfaced late on Tuesday. She declined to elaborate.

This has been a busy year so far for Adobe's security team. In January, the company pushed out security updates to fix vulnerabilities in Reader, Acrobat and Flash, as well as a program known as ColdFusion that is used to build websites.

Last week, it rushed out a fix for Flash Player after security software maker Kaspersky Lab identified a critical bug that enabled hackers to install "back doors" and take control of PCs running on Microsoft Corp's Windows operating system or Apple Inc's Mac OS X.

Adobe's software has long been a popular target for hackers, who attack PCs by finding bugs in widely used programs that they can then exploit to insert viruses on computers. Experts estimate that Reader and Acrobat programs for accessing PDF documents and Flash Player for accessing Internet content are installed on more than 1 billion PCs.

Hackers exploiting the most recently discovered vulnerability use PDF files to infect PCs, according to FireEye.   Continued...