Internet Explorer and Adobe Reader exploits uncovered

2010-01-19

Exploits have been discovered in both Internet Explorer and Adobe Reader, with the vulnerability in the former used in targeted attacks against 34 major corporations including Google.

BitDefender, which found the critical zero-day exploits, has issued an emergency update to users of its security products which blocks the malicious code before it negatively affects the target system.

The threat affecting Internet Explorer is known as CVE-2010-0249 and looks to take advantage of a memory corruption vulnerability on all versions, except for Internet Explorer 5.01 Service Pack 4 for Microsoft Windows 2000 Service Pack 4.

As for the Adobe Reader threat, CVE-2009-4324, it affects Adobe Reader and Acrobat 9.2 as well as earlier versions.

According to BitDefender, it could cause crashes and let a remote party execute arbitrary code on the victim's computer.

It recently emerged that Google suffered a targeted attack on its corporate infrastructure back in mid-December.

The search engine giant claims to have evidence to suggest the main aim of the attackers was to access the Gmail accounts of Chinese human rights activists.

Read more security news.