While Microsoft is still investigating a recently reported flaw in Windows XP, security firm Symantec has put up more information on this vulnerability and which countries are under immediate threat.
It seems that attackers have been attempting to exploit this vulnerability since November, meaning while the flaw has been around for a while, it practically flew undetected.
As Symantec just revealed in a blog post, a successful exploitation of this flaw allows an attacker the ability to execute arbitrary code — with kernel level privileges, no less. In simpler terms, this could potentially result in the affected computers being completely compromised.
Cybercriminals are trying to exploit the flaw using malicious PDF documents that are delivered via emails, and take advantage of a security hole:
“The attack arrives as a malicious PDF file with file names such as syria15.10.pdf or Note_№107-41D.pdf, likely by an email attachment, although there is a possibility that targeted users are being enticed to download the malicious file from a website prepared by the attacker.”
The security vendor has detected emails containing these malicious PDF documents sent in a number of countries, including India, Chile, Hungary, Germany Norway, Saudi Arabia, Australia and the United States, as the map above shows.
Symantec security products have, obviously, been update after the discovery of this zero-day flaw to block malicious PDF documents delivered by emails.
But Microsoft is expected to address this flaw in the December 2013 Patch Tuesday cycle of updates, which is more or less a week away now. Just be wary of opening PDF files in emails on your Windows XP machine, if you have one.
