tsu doh nimh (609154) writes "Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground, Krebsonsecurity.com writes. The finding comes from malware analysts at Moscow-based forensics firm Group-IB, who say theyâ(TM)ve discovered that a new exploit capable of compromising the security of computers running Adobe X and XI (Adobe Reader 10 and 11) is being sold in the underground for up to $50,000. This is significant because â" beginning with Reader Xâ" Adobe introduced a âoesandboxâ feature aimed at blocking the exploitation of previously unidentified security holes in its software, and until now that protection has held its ground. Adobe, meanwhile, says it has not yet been able to verify the zero-day claims."
Link to Original Source