Symantec has confirmed that there is indeed a zero-day “Xmas exploit” that target both Adobe Acrobat and Reader.
The zero-day vulnerability is said to be triggered by malicious PDF attachments which unknowingly being opened by recipients.
“The PDF files we discovered arrives as an email attachment. The attack attempts to lure email recipients into opening the attachment. When the file is opened, a malicious file is dropped and run on a fully patched system with either Adobe Reader or Acrobat installed. Symantec products detect the file as Trojan.Pidief.H.,” Symantec said in a blog post.
According to Symantec, they have already informed Adobe of the vulnerability.
Brad Arkin, Adobe’s director of product security and privacy, said the company learned of the attack Monday.
“This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,” Adobe wrote in a post to its Product Security Incident Response Team blog Monday afternoon.
“We are currently investigating this issue and assessing the risk to our customers.”
Symantec, for the meantime, has urged users to be “extra vigilant” this holiday season especially when opening attachments received from unknown individuals.