Adobe patches PDF vulnerabilities
Adobe’s Acrobat and Reader flaws patched last week. The fix protects Windows XP users from attackers sending malware-stuffed PDF files, designed to exploit the flaw. Researchers say that a lot of exploit are still out there, while attackers hope to find unpatched systems. Successful exploit allows attackers to download code from a server to the victim’s machine. The code then installs two files (9129837.exe and new_drv.sys), designed to sniff and steal financial and other private data from the computer.
Researchers also have their eyes on Trojan.Pidief.A, used to exploit this PDF vulnerability. Servers used in the attack have previous history of malicious abuse, such as CoolWebSearch installation or VML attacks.
Subject lines of emails, containing malicious PDF exploit files read “STATEMENT indigene.†and attachments usually are “YOUR_BILL.PDF†and “INVOICE.PDFâ€.
Recently commented malware