Cyber-Attack Targets Adobe Reader And Windows XP

Security firm Trustwave has warned that a cyber-attack currently hitting systems on the Internet uses two vulnerabilities, one in Adobe Reader and another in Microsoft Windows.

According to its technical analysis of the attack, these vulnerabilities are being used to compromise Windows XP and 2003 systems and download code.

Sandbox Avoidance

The attack, first detected by threat-protection firm FireEye in late November, uses a software flaw to escape from the security container, also known as the sandbox, which was implemented by Adobe to protect users of its software. A second part of the attack exploits a still-unpatched vulnerability in Windows XP and Windows 2003 to gain greater privileges so the attacker can install code on the compromised machine and take control of it.

While attacks that chain together several exploits – especially those that incorporate a privilege escalation – are not uncommon, the technique shows that these particular attackers are skilled, Ziv Mador, director of security research for Trustwave, told eWEEK.

“It shows the very high sophistication of the people who identified these vulnerabilities and turned them into attacks,” he said. “It shows that they are highly technical to find vulnerabilities in different products and combine them into a reliable exploit.”

Attackers continue to use more sophisticated techniques to get around defensive technologies put in place by operating system vendors and software developers. Microsoft incorporates techniques such as data execution protection (DEP) and address space layout randomisation (ASLR) to make exploitation of software flaws more difficult and less reliable.

A number of software developers, including Google and Adobe, have also incorporated sandboxing, which digitally cordons off suspicious code from the operating system. Yet, attackers have found ways to escape the sandbox and run code despite Microsoft’s mitigations.

XP Support

The latest attack also comes as Microsoft prepares to end support for Windows XP in April 2014. While Windows XP is a dozen years old, it continues to account for 31 percent of operating systems in use today, according to Net Applications, a company that tracks the market share of various Internet technologies.

Microsoft has not yet issued a patch for the issue, but the company advised that companies could make changes to eliminate the threat of the vulnerability on affected systems.

“These limited, targeted attacks require users to open a malicious PDF file,” Dustin Childs, a spokesperson for Microsoft’s Trustworthy Computing group, said in a blog post. “The issues described by the advisory cannot be used to gain access to a remote system alone.”

Adobe PDF files, Microsoft Office documents, and Oracle Java applets continue to be used by attackers to compromise systems in targeted attacks.

Originally published on eWeek.

Robert Lemos

Robert Lemos covers cyber security for TechWeekEurope and eWeek
