Marc Fossi, Symantec’s head of development, has stated that the company has already transferred this information about the malicious PDF file to Adobe itself, which “is working on fixing it.”
For its part, from Adobe have published a post, in which they affirm that they are “investigating this potential problem” and that they will provide an update of their software as soon as they have more information.
This Flash vulnerability, which is present in Adobe Reader versions v126.96.36.199 and v10.0.22.87 for Windows Mac and Linux and in the authplay.dll component that is included with Adobe Reader and Acrobat v9.x for Windows, Mac and UNIX, opens the door to attacks through PDF files to run malicious code on victims’ machines. “It allows remote access,” explains Fossi.
Fossi has also stated that the malicious PDF, which has been analyzed by Symantec, has not yet spread widely, but it is clear that it has been designed to attack computers. This malicious PDF allows “a whole battery of attacks and code execution.”
In a Symantec post, he explains that his antivirus software could protect against this hole in Flash but, for those users who do not use Symantec products, if user access control in Windows Vista is open, they advise that it will be useful to prevent the execution of the attack.
Earlier this week, Adobe responded to Secunia’s complaints about the Reader issue, which apparently also has security holes. Adobe is reportedly re-evaluating its update process and expects to have a patch ready by July 30 for the Adobe Reader vulnerability, and later for the authplay.dll component. While you’re trying Adobe recommends deleting that file, renaming it, or preventing access to it.