Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Patched Adobe Vulnerability Exploited to Infect US Defense Contractors

F-Secure Labs, an Internet security company, has just identified an interesting cyber assault. Aimed at the US Military contractors, it uses security vulnerability in Adobe Reader that was recently patched during the 2nd week of January 2010.

The attack includes sending of a fake e-mail containing a malevolent PDF document and poses as a message from the Department of Defense. The document talks about the seminar scheduled to be conducted during March 2010 in Las Vegas.

Security researchers state that the PDF exploit uses the recently patched doc.media.newPlayer security flaw (CVE-2009-4324). The vulnerability, which emerged in the Multimedia.api used by Adobe, when exploited, can let a hacker execute malicious software.

According to Adobe, the vulnerability affects Reader in both Macintosh and Windows versions. The exploit plants an executable namely 'Updater.exe.' This executable represents a backdoor linked to 140.136.148.42 IP address. Anyone controlling this IP will be able to acquire admission into the infected PC along with other computers within the network. F-Secure reports that this IP is located in Taiwan.

Moreover, the backdoor avoids detection by evading the area web-proxy during the establishment of its link with the IP, the security company said.

Notably, a week ahead of Adobe's plan to release the security patch for a critical flaw in its widely-used PDF application, cyber attackers exploited the flaw to launch large scale as well as targeted attacks. In this context, the Internet Storm Center of SANS Institute reported models of the latest malware-ridden PDF file, which compromised computers via the abovementioned flaw.

Consequently, the researchers at F-Secure suggest that computer users should update their applications at the earliest in the wake of attack carrying out active exploitation.

The security researchers stated that in light of malevolent PDF files very common now-a-days, they were again advising the same. Moreover, users should not trust uninvited attachments, and also ensure that they have up-to-date antivirus software.

Finally, the researchers recommend that users should deactivate their JavaScript while working on Adobe's PDF application. This will help prevent several types of assaults against the software.

Related article: Patched Adobe Acrobat Reader Still Causing Threat

ยป SPAMfighter News - 27-01-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next