Symantec has issued a new security alert warning of a vulnerability in Adobe and with early reports of targeted rather than widespread attacks.

Symantec reveals that separate exploit attempts have come from the same source and “it seems likely targeted attacks are being used against, what Symantec calls, “highranking” people within different organisations.

It seems, according to Symantec, that the attackers, for example, try to locate the CEO’s email address on the company website and send a malicious PDF “in the hope that their malicious payload will run.”
 
Ominously, Symantec says that once the machine is compromised the attackers may gain access to sensitive corporate documents that could be costly for companies breached by the threat.

However, while notifying Adobe of the vulnerability in its software, Symantec says it has so far observed few exploits of the vulnerability in the U.S., China, Japan, Taiwan and the U.K. but continues to monitor for any signs of a widespread attack.

According to Symantec, it has “received several PDF files that actively exploit the Adobe vulnerability [BID#33751] and the exploit is currently heuristically detected as Bloodhound.PDF.6 by our solutions.  Malicious PDFs using this exploit will be detected as Trojan.Pidief.E.”

Symantec says the trojan attempts to exploit the Adobe Reader PDF File Handling Remote Code Execution Vulnerability in order to drop more files on to the compromised computer.

As you’d expect, Symantec has urged computer users to keep their antivirus definitions up to date and reminds everybody that malicious PDFs using this exploit will be detected as Trojan.Pidief.E.

The Symantec report can be found at: http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99 .