February 22, 2012, 10:45AM
Waves of Attacks Target Adobe Reader Bug From 2010
by Dennis Fisher
Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a string of attacks against an Adobe Reader vulnerability from 2010.
The vulnerability, which is more than two years old, is a flaw in Reader and Acrobat that can be exploited remotely. At the time of the first reports about the bug, there were active attacks going on against it and exploit code was circulating online. But the CVE-2010-0188 bug didn't turn into one of those huge things that involve widespread malware attacks and so on. And it's been patched for a long time at this point, but that doesn't mean it's of no use to the bad guys anymore.
The attacks against this bug have been coming in waves for the last month or so, and Symantec researchers said that the company has seen more than 10,000 such attacks in just the last couple of weeks.
https://threatpost.c...'s Most Popular