Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Malware Penetrates Allegedly Patched Adobe Reader

Recently, a severe vulnerability in Adobe Acrobat has been discovered by the Shadowserver Foundation, which is being efficiently abused by scammers to install malware on the systems of unaware users.

As per the advisory from Shadowserver, while the vulnerability has been verified in Adobe Reader's 8.1.3 and 9.0.0 versions running on Windows XP Service Pack 3, it is assumed to be working on other versions also. According to Steven Adair, Security Expert at Shadowserver, adobe versions for machines running Linux and Apple's OS X are yet to be examined, but they may also be vulnerable, as reported by TheRegister on February 20, 2009.

The firm has revealed that multiple variants of the malware are presently active. One of the variant installs a remote access Gh0st RAT Trojan. The booby-trapped PDFs are already being detected by several anti-virus programs. Security firms, Symantec and Trend Micro have flagged the attacks as Trojan.Pidief.E and TROJ_PIDIEF.IN respectively. Both the firms have rated the threat as low; however, it was their one week old analysis. It seems as if attackers have raised the exploit since the second week of February 2009 when the threat was first identified.

Shadowserver feels that very few targeted attacks are being launched by exploiting the vulnerability of Adobe Reader. Though, these sorts of attacks are often more destructive.

Citing the solution to the problem, researchers at Shadowserver said that disabling the JavaScript would certainly prevent malware from getting installed on the PC, as per the advisory released by Shadowserver on February 19, 2009.

To follow the solution, user should open Adobe Reader, click Edit > Preferences > JavaScript and then, he/she should uncheck the box reading "Enable Acrobat JavaScript". However, researchers have warned that it may still result in the crash of application. But they further commented that it should rather be an easy choice to make - the mild loss in functionality or a crash versus system being hacked and valuable information being stolen.

Meanwhile, the firm believes that Adobe has acknowledged the issue and is efficiently working to fix it.

Related article: Malware Authors Turn More Insidious

ยป SPAMfighter News - 02-03-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next