Reader/Acrobat vulnerability targeted day after patch release.
A vulnerability in
Adobe
‘s popular PDF-viewing software
Adobe Reader
and editing suite
Acrobat
,
first reported a month ago
, was patched on Monday in an update released two weeks after the company
issued a workaround
to minimise exposure. The following day, PDFs containing exploits for the vulnerability were seen being spammed out in targeted attacks on businesses.
The spams contain PDF documents posing as bills or invoices, and once run, the trojan code (dubbed ‘
Trojan.Pidief.A
‘ by
Symantec
and ‘
EXPL_Pidief.B
‘ by
Trend Micro
) accesses vulnerable systems, disables the
Windows
firewall and downloads further trojans to complete the system penetration.
The vulnerability is thought only to affect users of
Windows XP
and
Internet Explorer 7
. Readers are advised to apply the update, available from
Adobe
here
, and ensure all software including anti-virus is kept fully up to date and patched. More details on the attack are on the
Symantec
blog
here
.
Posted on 24 October 2007 by
Virus Bulletin
Leave a Reply