Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Recently Patched Adobe PDF Vulnerability Again Targeted

Hackers have once again targeted the newly patched Adobe PDF Reader flaw to implant Trojan virus downloaders on Windows systems.

As per the researchers at malware protection center of Microsoft, the vulnerability called CVE-2010-0188 was patched just few days back in February 2010, confirming that hackers are extremely quick to explore new targets for their malicious payload.

In his blog posted on March 8, 2010, Marian Radu, security researcher, Microsoft, said that while lately examining a malware containing PDF file, he noticed a new flaw abused by the sample. After some deep probing, he observed that the sample abused CVE-2010-0188.

Giving further details on the attack, Radu said that Adobe Reader opens and after that closes upon the installation of PDF file while executable file called a.exe is directly installed in the C:\ drive. The a.exe file, which is implanted into the PDF, looks to link to a .biz registered domain in order to install other files. Further, JavaScript is used to exploit this flaw effectively.

The Microsoft's researcher said that the malware containing file has presently been identified as Exploit: Win32/Pidief.AX. Moreover, the dropped malware has been detected as TrojanDownloader: Win32/Qaantiz.A.

The security experts opined that assaults using PDF bugs are surging; as a result, Adobe is facing troubles fighting its bad reputation as far as products puzzled with vulnerabilities are concerned.

It is noteworthy that Adobe had already cautioned about the recent attack in February 2010, advising users to update the software to the latest version which is automatically offered to all its users. Unfortunately, some of the users did not notice the memo and thus, the vulnerability is being abused for targeted assaults.

Moreover, security experts added that most of times, users are not aware of the regular updating that should be performed to evade cyber attacks. As a healthy practice, the security experts suggest that users should update their operating system and all the applications. They also asked them to avoid opening files coming from suspected sources.

Related article: Recent Natural Calamities in The US Might Give Rise to Online Scams

ยป SPAMfighter News - 17-03-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next