Unpatched Adobe holes link Google and earlier attacks

Last July, workers at about 100 US technology companies were targeted with emails containing malicious PDF files that exploited a zero-day vulnerability in Adobe Reader. The attacks were detected early and there were no serious consequences, said Eli Jellenc, head of international cyber intelligence at Verisign iDefense.

In mid-December, Google, Adobe, and a host of other Silicon Valley companies were targeted by attacks originating in China, prompting Google to say that it will stop censoring its Chinese search results and to threaten to pull out of that market. The latest attacks also involved malicious PDF files in email attachments and the code was similar to the previous attack, Jellenc said.

Coincidentally, Adobe on Tuesday patched a zero-day vulnerability in Reader and Acrobat that was discovered in mid-December and was being exploited by attacks in the wild to deliver Trojan horse programs that install backdoor access on computers. Jellenc said he could not say for sure whether that was the vulnerability targeted in the attacks on Google and the others.

For more, read "Unpatched Adobe holes link Google and earlier attacks" from CNET News.