Patched Adobe Vulnerability Exploited to Infect US Defense ContractorsF-Secure Labs, an Internet security company, has just identified an interesting cyber assault. Aimed at the US Military contractors, it uses security vulnerability in Adobe Reader that was recently patched during the 2nd week of January 2010. The attack includes sending of a fake e-mail containing a malevolent PDF document and poses as a message from the Department of Defense. The document talks about the seminar scheduled to be conducted during March 2010 in Las Vegas. Security researchers state that the PDF exploit uses the recently patched doc.media.newPlayer security flaw (CVE-2009-4324). The vulnerability, which emerged in the Multimedia.api used by Adobe, when exploited, can let a hacker execute malicious software. According to Adobe, the vulnerability affects Reader in both Macintosh and Windows versions. The exploit plants an executable namely 'Updater.exe.' This executable represents a backdoor linked to 140.136.148.42 IP address. Anyone controlling this IP will be able to acquire admission into the infected PC along with other computers within the network. F-Secure reports that this IP is located in Taiwan. Moreover, the backdoor avoids detection by evading the area web-proxy during the establishment of its link with the IP, the security company said. Notably, a week ahead of Adobe's plan to release the security patch for a critical flaw in its widely-used PDF application, cyber attackers exploited the flaw to launch large scale as well as targeted attacks. In this context, the Internet Storm Center of SANS Institute reported models of the latest malware-ridden PDF file, which compromised computers via the abovementioned flaw. Consequently, the researchers at F-Secure suggest that computer users should update their applications at the earliest in the wake of attack carrying out active exploitation. The security researchers stated that in light of malevolent PDF files very common now-a-days, they were again advising the same. Moreover, users should not trust uninvited attachments, and also ensure that they have up-to-date antivirus software. Finally, the researchers recommend that users should deactivate their JavaScript while working on Adobe's PDF application. This will help prevent several types of assaults against the software. Related article: Patched Adobe Acrobat Reader Still Causing Threat ยป SPAMfighter News - 1/27/2010 |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!