Fake E-mails Exploiting Adobe Acrobat X News Detected
Adobe is cautioning that by taking advantage of the news release on Adobe Acrobat X, cyber-criminals are conning unsuspecting users via the dispatch of scam e-mails.
Importantly, Acrobat X contains Acrobat software itself along with fresh Acrobat.com services such as Adobe SendNow.
Moreover, in connection with security, Adobe emphasizes that the most vital alteration undertaken is the Protected Mode, an environment created in the same line as that within Google Chrome. This fresh default feature that's already enabled may prevent the majority of PDF-based attack codes from running random malware on PCs.
Issuing an alert, Adobe's PSIRT (Product Security Incident Response Team) stated that as Adobe Acrobat X solutions became available, people must be careful while they got e-mails that posed as offers for an update for Adobe Reader or Adobe Acrobat supposedly from Adobe. Softpedia.com published this on November 17, 2010.
PSIRT added that a number of the said e-mails directed that recipients needed to furnish personal information and/or register their names and other details. The Team therefore urged recipients to remain wary that the messages weren't from Adobe or any entity on its behalf.
Worryingly, this isn't the first time that spam mails are leading end-users onto websites presenting bogus Adobe updates.
Nonetheless, Adobe emphasizes that its software updates bear a great importance as its PDF software in particular has been hackers' No.2 target since a few years. Software targets that are immediately ahead of PDF are Microsoft's operating systems and applications.
Meanwhile, Adobe observes that it's trying hard to rectify the above problem; however, hitherto its efforts have mostly been unsuccessful. The problem partially is because of the PDF specification's excessively open nature wherein the specification encourages every method of embedded functionality and scripting, which isn't required in daily utilization of the mechanics, whilst opening scope for each and every sort of attack code.
Encouragingly, the aforementioned release coincides with certain good news within Cisco's Global Threat Report for Q3 2010. According to it, malevolent exploits aiming at Adobe Acrobat and Reader dropped during Q3 2010 from 3% to 1% of the total Web-based malware over July-September 2010.
Related article: Fake Spam Mail Announces Australian PM’s Heart Attack
» SPAMfighter News - 27-11-2010