Just hours after Adobe patched Acrobat Reader, a malicious PDF document is on the loose that exploits bugs in the program's system
By: Captain Maverick
Published: Oct 25, 2007
Updated: Mar 10, 2010
Adobe just can't seem to get a break. Just hours after Adobe patched their reader program on Tuesday, a malicious document was on the loose that exploits bugs in the popular reader software. According to security firm Symantic, the mass mailing of the exploit files may be an attempt to leverage the exposure window between patch release and widespread adoption of the fix.
The malicious PDF document is attached to a spam email arriving with a file name such as YOUR_BILL.pdf or INVOICE.pdf and exploits the "mailto:" protocol vulnerability disclosed more than a month ago. Adobe fixed the flaw Monday and released updated 8.1.1. editions of both Reader and Acrobat that plug the hole. Users of older versions of the popular programs must either upgrade to 8.1.1 or apply one of the temporary work-arounds Adobe provided to stifle attacks.
Recipients of the attacking PDF launch a Trojan dubbed "Pidief.a"when opening the malicious file. The Trojan knocks out Windows firewall and downloads another piece of malware to the infected computer that is a dedicated downloader. This piece of code can retrieve files from a remote server and pull them onto the hacked computer at the hacker's command.
You can share this Adobe news story with your friends or family from our Technology section. This article can be shared through e-mail or sent to online social Web sites including Twitter, Facebook, MySpace and others. You can choose from one of the options below.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Welcome!