Zero Day

Ryan Naraine and Dancho Danchev

56 percent of enterprise users using vulnerable Adobe Reader plugins

By Dancho Danchev | August 9, 2011, 4:22am PDT

Summary: According to Zscaler’s most recent “State of the Web” security research report 56.46% of enterprise users running Adobe Reader have outdated version installed.

According to Zscaler’s most recent “State of the Web” security research report, 56.46% of enterprise users running Adobe Reader have outdated version installed, making them susceptible to client-side exploitation kits courtesy of web malware exploitation kits such as the Blackhole Exploit Kit which targets vulnerabilities in Adobe Reader and Java.

“Patching and updating is key to security as many attacks now target outdated plug-ins. In fact, recent large hacks making headlines are thought to have been performed by compromising just one plug-in in an enterprise,” said Michael Sutton, VP security research at Zscaler .

Not surprisingly, cybercriminals are quick to adapt. Thanks to the modular nature of web malware exploitation kits, they can add exploits targeting a particular exploitation vector at any time. In this case, Adobe Reader will be exploited “in between” the rest of the client-side exploits available at the disposal of the malicious attacker.

The research findings were also confirmed in a separate study conducted by Avast. In it, the researchers found out that 6 out of every 10 users run vulnerable Adobe Reader.

So, what are you waiting for? Check whether you’re running vulnerable plugins susceptible to client-side exploitation, and patch them right away.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Is your IP address on the 'Shady Rat' server?

Microsoft expecting exploits for critical IE vulnerabilities

Topics

Adobe Systems Inc., Web, Adobe Acrobat Reader, Plug-in, Spyware, Adware & Malware, Cyberthreats, Channel Management, Viruses And Worms, Security, Marketing, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Full Bio
Disclosure
Contact

Vendor HotSpot

Here to help you with your Document Management Needs

Read the DocuMentor blog now

Learn More »

Talkback Most Recent of 14 Talkback(s)

Follow via:: RSS; Email Alert

RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

A unified package management system to manage all software is always a good idea, look at Debian.
qjqqyy
9th Aug
- Reply to
- Flag
What about using existing A/V to warn about that?

Dancho, can you tell why antivirus makers doesn't use the existing A/V infrastructure to warn about vulnerable software, like outdated Adobe Reader plugins? That would be a great improvement to any antivirus system. Let's stop treating the consequences, let's go after the root causes.
dschwingel
9th Aug
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

Adobe Reader is one of those low priority products. Its only used when a user has to use it, its not open all day and running so these statistics don't surprise me.
LoverockDavidson
9th Aug
- Reply to
- Flagged
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

Adobe needs a better updater for Flash. As it is now, it only checks when you reboot. I can go 30-60 days without a reboot. They need to test this daily. It should be part of Windows Update.
WindowWasher
9th Aug
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

100% of users using vulnerable Adobe Reader plugins - we just don't know it yet. Snarkiness aside, all versions of Read are vulnerable except the very latest one, and that one will be vulnerable soon enough, if history is anything to go by.
Drew F.
9th Aug
- Reply to
- Flag
Not Surprising - Try to Run Adobe Reader X On 6 or 8 Year Old Hardware

This isn't really surprising. A lot of companies still have quite a number of workstations in use that are more than 5 years old, and have 512MB or less RAM. Have you ever tried running Adobe Reader X on a 6 year old Windows XP machine with 256 MB of RAM? Reader 7 still runs fine; Reader 9 or X makes the system choke.
CFWhitman
9th Aug
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

What I want to know is, why use Adobe Reader at all? There are other PDF readers available.
The One True Fnerd
9th Aug
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

@The One True Fnerd

Foxit is a good product, but is not compatible with all websites that use PDFs or every PDf document. (It is also a far cry from the tiny Foxit 1.0 standalone executable I used to use.) Where I work, we replaced Adobe Reader with Foxit, and now we are replacing Foxit with Adobe Reader, (v9.x not 10.) Personally, I think it is an arms race between Adobe and the competition, just like with M$ products back in the late 90s. Every incremental upgrade makes the competition unable to open the latest documents. The consumers are the ones being harmed.
michaellashinsky@...
9th Aug
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

The Avast study is flawed if it calls all 9.x versions of Reader "vulnerable". AFAIK Adobe is still patching 9.x even though 10 (X) is available. For how long remains to be seen, however.
PB_z
9th Aug
- Reply to
- Flag
Secunia

Look at Secunia, you will get a short scan daily that looks for anything that has gone vulnerable in the last day. For example today I got a 99% rating. It was for an item that Windows Update had downloaded but not yet installed. With Secunia you will update your pdf and flash stuff all the time.
mswift@...
9th Aug
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

@mswift@...
Yup.
Secunia is cool.
I also use FOXIT reader in place of Adobe.
kiwisewi77
1st Sep
- Reply to
- Flag
Duh.

Probably because Adobe can only be bothered to update its software for only the most recent hardware and OSes, but businesses that can't afford to update to "latest and greatest" every six months are still running older stuff.
Scott Kitts
9th Aug
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

I have wndws XP Home.
526MB
Adobe 10 runs on it.
Secunia warns me of outdated programmes and I never have downloading troubles.
A buisness needs a central task manager who oversees the security on all the computers running.
As for the Adobe is old rubbish, IE doesn't work too good without it and when kept up to date it is a good programme.
Don't forget to always remove old editions of Adobe should Adobe not do it when downloading.
Manual labour isn't so hard.
kiwisewi77
1st Sep
- Reply to
- Flag
RE: 56 percent of enterprise users using vulnerable Adobe Reader plugins

m2 pvp serverlar tan??t??m?? pvp serverler mt2 private servers metin2 pvp serverler metin2 games metin2 pvp serverlar
mt2 pvp servers pvp metin2 online games mt2 pvp m2 games servers metin2
private servers mt2 private server m2 private online game metin 2
g??zel s??zler roms guzel sozler
face 100 ifadeleri yemek tarifleri yemek tarifleri face guncel news face t He Facebook land facebook
games hiller metin2 hile games dowland metin2 indir

chat
mynet
sex
sex hikayeleri
sirnem
20th Sep
- Reply to
- Flag