Adobe said that the vulnerability (CVE-2014-0497), reported to Adobe by Alexander Polyakov and Anton Ivanov of Kaspersky Lab, has an exploit that exists in the wild. Interestingly, Kaspersky Lab said earlier this week that it has been investigating a sophisticated malware that leverages high-end exploits, and includes a bootkit and rootkit, and also has versions for Mac OS and Linux. Neither Adobe nor Kaspersky Lab disclosed if the vulnerability patched today by Adobe has any connection to the cyber-espionage operation that Kaspersky Lab is calling “one of the most advanced threats at the moment”.
“Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users update their product installations to the latest versions,” the company said in a security advisory. If there is any connection between CVE-2014-0497 and the operation dubbed "The Mask" by Kaspersky Lab, it will not likely be disclosed until the company shares the details of its findings at the Kaspersky Security Analyst Summit next week."
Link to Original Source