Adobe Flash bug exploited


Adobe is investigating reports that a vulnerability in Flash is being exploited. It appears that malicious Acrobat PDF files, once they reach a computer, exploit the vulnerability to drop a Trojan onto it. Flash is a very popular add-on for most browsers, and Flash content can also be embedded in PDF files. Symantec stated that any software that uses Flash could come under attack until a fix is released. Adobe stated that it “is aware of reports of a potential vulnerability in Adobe Reader and Acrobat 9.1.2 and Adobe Flash Player 9 and 10. We are currently investigating this potential issue and will have an update once we get more information.”

Although the bug/vulnerability has been around since December 2008, the exploit was created only two weeks ago. But how does the exploit work? “Typically an attacker would entice a user to visit a malicious Web site or send a malicious PDF via e-mail. Once the unsuspecting user visits the Web site or opens the PDF this exploit will allow further malware to be dropped onto the victim’s machine. The malicious PDF files are detected as Trojan.Pidief.G and the dropped files as Trojan Horse.” – Patrick Fitzgerald from Symantec.

Although there are no fixes available, users can do two things to prevent attacks:

  • Disable Flash in Adobe Reader 9 on Windows platforms by renaming the following files: “%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll” and “%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll”
  • Disable Flash Player or selectively enable Flash content as described in the “Securing Your Web Browser” document
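
The first workaround scripted in PowerShell, as an added example that is not from Adobe, Symantec or the original post. The `.disabled` suffix and the `-Restore` switch are assumptions, and the second search path covers 64-bit Windows, where the 32-bit Reader 9 installs under "Program Files (x86)".

```powershell
# Added example: disable (or restore) the Flash components of Adobe Reader 9
# by renaming the two DLLs named in the workaround above.
# Close Adobe Reader first and run from an elevated prompt.
param(
    [switch]$Restore   # assumption: -Restore undoes the rename once a fix is installed
)

$suffix = '.disabled'  # assumption: arbitrary suffix, chosen so the change is reversible
$dlls   = 'authplay.dll', 'rt3d.dll'

# Check both Program Files roots; on 32-bit Windows the second one is empty.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | Select-Object -Unique

foreach ($root in $roots) {
    $dir = Join-Path $root 'Adobe\Reader 9.0\Reader'
    if (-not (Test-Path -LiteralPath $dir)) { continue }

    foreach ($dll in $dlls) {
        $active   = Join-Path $dir $dll
        $disabled = $active + $suffix
        if ($Restore) { $from = $disabled; $to = $active }
        else          { $from = $active;   $to = $disabled }

        if (-not (Test-Path -LiteralPath $from)) {
            Write-Output "Not found (nothing to do): $from"
            continue
        }
        if (Test-Path -LiteralPath $to) {
            # Both copies present, e.g. after a repair install; do not overwrite.
            Write-Warning "Both $from and $to exist; leaving them alone."
            continue
        }
        # Stop on failure (file locked by a running Reader, missing privileges).
        Rename-Item -LiteralPath $from -NewName (Split-Path $to -Leaf) -ErrorAction Stop
        Write-Output "Renamed $from -> $to"
    }
}
```

A Reader repair or update can put the original files back, so re-check after either.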

We hope to see a genuine Adobe patch that fixes this in the near future.


Ruk Cooray is Co-Founder of LDN.cm. You can find him on Twitter here, rambling about something or the other.

© 2012 Sporkings. All rights reserved.
LDN.cm Publishing Limited.