Darknet – Hacking Tools, Hacker News & Cyber Security


Adobe Reader Vulnerability Being Actively Exploited

February 11, 2008

Views: 13,320


It seems like some recently patched flaws in Adobe Reader are actively being exploited in the wild, mostly via malicious banners from various sites.

Nothing particularly nasty is happening, but a trojan is being installed which can intercept search engine results. It’s definitely recommended to update to the latest version (8.1.2).

Personally I don’t have such a problem…as I use Foxit Reader instead, I find Adobe software incredibly bloated.

iDefense says that on Friday it saw the same banner ad tactic being used in the wild to install a Trojan horse program. That Trojan, dubbed “Zonebac,” disables various anti-virus products and modifies the victim’s search engine results. As of late Friday evening, the company claims that not a single commercial anti-virus product detects this thing as malicious.

While having some unwelcome program monkey with your search results may not sound like the worst thing to have happen to your PC, cyber criminals may find more nefarious purposes for this vulnerability.

It’s an interesting target for criminals because Adobe Reader has a truly enormous install base, yet it is one of those applications that so few people even think to update regularly. According to Adobe, more than 500 million copies of Adobe Reader have been distributed worldwide on 23 platforms and in 26 languages. The product also is distributed by the top 10 PC manufacturers.

That’s a lot of installs of Adobe Reader, I would hazard a guess that only 10-20% max are regularly updated to the latest version – that leaves an awful lot of people vulnerable to some pwnage by these spammers.

You can work out the rest of the figures yourself..

Adobe released an updated security advisory for this patch late Thursday, but it didn’t contain many more details than the original advisory, other than to credit iDefense and several other security vendors for reporting vulnerabilities. iDefense said an internal researcher discovered the flaw, and that the company alerted Adobe back on Oct. 11, 2007. A spokesperson for Fortinet, also credited in the latest advisory, said researchers alerted Adobe to their findings on Nov. 1, 2007.

Steve Gottwals, senior product management for Adobe Reader, declined to say how many vulnerabilities this 8.1.2 patch fixed, but confirmed reports that the attackers were already exploiting the flaw.

At least Adobe aren’t too slow with updates, I wish their software wasn’t so hugely bloated, come on, it’s a PDF reader, how freaking huge does it have to be?

It just displays PDFs!

Well it has to be 22.4mb for the latest Windows version, compare that with Foxit Reader which is 2.2mb – much faster and does exactly the same things.

I know which I prefer.

Source: Security Fix


Filed Under: Exploits/Vulnerabilities, Windows Hacking Tagged With: adobe, adobe acrobat, adobe exploit, adobe reader, adobe vulnerability, hacking-software, hacking-windows, vulnerabilities, Windows Hacking



Comments

  1. eM3rC says

    February 11, 2008 at 9:12 am

    Thanks Darknet for the post.

    Although I have not heard of many people using Adobe products to spread their malicious deeds, it seems like Adobe products in general are very easy to hack. Take for example Photoshop. One of my friends showed me that all one has to do to crack the program is replace the shortcut. That’s it… Replace 1 2.4mb file… Seems kind of sad considering it is around $1000.

  2. Ian Kemmish says

    February 11, 2008 at 11:46 am

    I don’t know what the position is these days, but in the early days there were just three implementations of JPEG code – Adobe’s, the IJG’s, and mine. This suggests that fixing of JPEG exploits would in general be “out of sync” between Adobe and the rest of the world. Sometimes malicious images that work with everything else wouldn’t work with Acrobat, and sometimes vice versa.

    As for bloat…. well, any real OS has PDF rendering built into the window server (spot the smug Mac user), so you’d only use Acrobat for the other things it gives you, not for viewing static documents.

  3. Pantagruel says

    February 11, 2008 at 12:09 pm

    I guess most people use Acrobat Reader just because it’s the only one they know. We get the odd user screaming for Adobe Acrobat suite to generate pdf files themselves. We always hand out a gpl-ed solution saving quite some money while getting the same result (they always think they need all the whistles and bells from the Adobe suite but never generate more than just a pdf from their txt processor or spreadsheet.)
    Darknet points us to Foxit Reader and is absolutely right about the bloated size of Adobe products (and a bloated price tag but that’s something different)

  4. eM3rC says

    February 12, 2008 at 2:11 am

    @Pantagruel
    It seems as though the computer using public is very ignorant to computers and most of the things that happen to them in general.

    Of the many people I worked for, almost none had an adequate form of computer protection and they believed the slow computers were the way they were “just because”. I think as time progresses the youth (who know far more about computers than the old timers) will bring about a trend in increased computer knowledge although companies such as Microsoft should make people more aware of the threats on the internet.

  5. Pantagruel says

    February 12, 2008 at 4:06 pm

    @eM3rC

    In computer land it’s up to the knowledgeable few to both educate and protect the masses from the harms stemming from the Net.
    The typical user doesn’t want to be bothered with all the “tech talk” but expects a perfectly running machine. Judged by the market penetration MS should pick up the challenge and provide basic safety from a clean install (and beyond). MS is trying very hard with their “One Care” package but it seems a half hearted attempt. We should not forget the anti-trust suit, ‘preventing’ MS from throwing in too much software that might hinder fair competition (at least in the European distro, in my opinion they -EU committee- have a point).

    The youngsters will know by far more than we will do, but it’s fun to see that the up and coming generation of computer wizards is oblivious to old skool tools and the power of the CLI. A younger colleague passed his ‘MS proof of point and click’ certificate (sorry I just do not like MCSE and the like) but is still left in a bind if he cannot initiate a remote desktop to a server (guess I’ll have to teach him about ssh/CLI and so on)

  6. Pantagruel says

    February 12, 2008 at 5:38 pm

    Guess I really didn’t need to add more comments about the quality of MS ‘One care’

    http://www.darknet.org.uk/2007/03/microsoft%e2%80%99s-live-onecare-the-worst-anti-virus-solution/

  7. J. Lion says

    February 12, 2008 at 9:50 pm

    @Pantagruel

    It’s been almost a year – hopefully, MS has a stronger offering.

  8. eM3rC says

    February 13, 2008 at 2:38 am

    @Pantagruel
    I am in total agreement with you but I have one point to bring up… Apple. Their OS works with flawless speed and any problems that seem to arise from the OS are fixed almost immediately. I know they are not perfect, but they are as close to it in the computer world as I can think of.

    I think as time progresses there will be more people aware of computer security as well as hacking. Although there will be more and more protected computers the attacks will get more and more complicated ;)

    It’s people like you and Sir Henry (where is he by the way?) who will make a huge impact on people who lack an acceptable amount of computer knowledge.

    @J. Lion
    Vista was almost as bad as Windows 98.

  9. Jim says

    February 13, 2008 at 3:08 am

    Thanks for the article. I could not agree more with you on FoxIt. What a great little app.

    A really annoying thing happened to me when my last MS security patches went in, MS realized that Adobe was not the default for pdf files and automagically changed my default pdf handler from FoxIt to MS Word!!!

  10. eM3rC says

    February 13, 2008 at 5:04 am

    @Jim
    I don’t know if you know how to fix the problem but just in case (or if someone else wants to know) here’s how you do it.

    First download or select a .pdf file on your computer. Next right click it and select “open with”. A new window should appear, scroll down to foxit, select it, and check the box that says something like “always use this program”. Click OK.

    Hope this helps someone out there.

  11. Jared says

    February 13, 2008 at 5:10 am

    I’m really fed up with Adobe wanting to install the Google toolbar with Adobe Reader. As a matter of fact I don’t really see the point of installing any toolbar on my browser. I think that it’s unfortunate for newbie users that lots of the major software vendors hide these toolbar downloads in other programs so that distributors can make money.

  12. eM3rC says

    February 13, 2008 at 6:34 am

    @Jared
    Amen. It’s even worse with things like computer operating systems where they load like 20+ programs on the computer.

    All I can say is read the boxes before installs and look for better alternatives for software such as Foxit.

    Good luck mate!

  13. Darknet says

    February 13, 2008 at 7:50 am

    I hate toolbars, but they all install on IE, which I don’t use so they don’t really affect me.

    I have seen some newb computers with 5-6 toolbars and they wonder why surfing is slow (Alexa, Yahoo!, Google, Stumble, MS Live! etc).

  14. Pantagruel says

    February 13, 2008 at 1:17 pm

    @Darknet

    True, some of the bigger PC suppliers (HP/Dell and such) are shipping their corporate machines with a bloated load of ‘handy and free’ software (toolbars, 30 day limited viral scanners, image processing packages, etc..). One of the first things in our SOP for installing a new pc (after physical check of the package) is to do a full re-install without all the shit (unattended install, etc).

  15. J. Lion says

    February 13, 2008 at 6:45 pm

    Buying new PCs now requires 2-10 hours of your time uninstalling crapware!

  16. eM3rC says

    February 14, 2008 at 4:03 am

    @For both J. Lion and Pantagruel
    Check out a piece of software called PC Decrapifier (http://www.pcdecrapifier.com/) it removes a lot of that stuff and I found it saves a lot of time when setting up new computers.

    @Darknet
    Mozilla for the win! :)

  17. Stamatis says

    February 22, 2008 at 1:54 pm

    I had many problems using Foxit Reader especially on printing.

  18. eM3rC says

    February 23, 2008 at 4:25 am

    @Stamatis
    I’ve been printing documents off of foxit for a few weeks and haven’t had any problems. Although you didn’t give any details do you think it might be the printer or might have to do with the document having some kind of security on it?

    I know some ebooks allow the user to view it but not copy or print what’s in it.
