Security experts are warning Adobe customers to be extra vigilant following the discovery of an attack that attempts to exploit a new zero-day vulnerability in Adobe’s Reader and Acrobat products.

In a blog posting late yesterday, Symantec’s Security Response team said it had received a “tip from a source” that there was a potential zero-day vulnerability in the wild affecting Reader and Acrobat.

“We have indeed confirmed the existence of a 0-day vulnerability in these products,” the posting continued. “The PDF file we discovered arrives as an email attachment. The attack attempts to lure email recipients into opening the attachment. When the file is opened, a malicious file is dropped and run on a fully patched system with either Adobe Reader or Acrobat installed. Symantec products detect the file as Trojan.Pidief.H.”

Adobe has since confirmed it has received and is investigating the “reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions”.

According to Symantec’s latest monthly spam report, spam accounted for 70 percent of all email in September, which is one percent higher than the month before.

However, PDF spam, which saw a surge in August, dipped last month. Image and e-card spam volumes also fell. Image spam went from 10 percent of total spam in August to seven percent in September.

While PDF, image and e-card spam has gone down in volume, text and HTML-based attacks “are still very much in the wild”, the report noted.

According to Symantec, 400,000 JavaScript-embedded spam messages were observed in a one-week period in September.

Source: ZDNet