Symantec confirms zero-day PDF exploit

Symantec has confirmed the existence of a zero-day “Xmas exploit” that targets both Adobe Acrobat and Reader. The exploit is reportedly triggered by malicious PDF attachments which are opened by unsuspecting recipients.

?”When the file is opened, a malicious file is dropped and run on a fully patched system with either Adobe Reader or Acrobat installed. [We] detect the file as Trojan.Pidief.H,” explained Symantec.?

The exploit has also been confirmed by ShadowServer.

“We did not discover this vulnerability but have received multiple reports of this issue and have examined multiple different copies of malicious PDFs that exploit this issue. This is legit and is very bad,” the organization stated in an official post.