Adobe posted a vulnerability report warning that vulnerabilities in Adobe Reader and Acrobat XI (11.0.1) and earlier versions are being exploited in the wild. Adobe is currently investigating this issue.
According to the FireEye blog posted earlier today, the malicious file arrives as a PDF file. Upon successful exploitation of the vulnerabilities, two malicious DLL files are dropped.
Symantec detects the malicious PDF file as Trojan.Pidief and the two dropped DLL files as Trojan Horse.
We are currently investigating the possibility of further protections for these vulnerabilities and will provide an update to this blog when possible.
A subsequent advisory posted by Adobe indicates the following versions of Adobe Reader and Acrobat are vulnerable:
- Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh
- Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh
- Adobe Reader 9.5.3 and earlier 9.x versions for Windows and Macintosh
- Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh
- Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh
- Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh
Symantec advises users to apply any patches as soon as Adobe makes them available.