Themes & Channels
Malicious PDF file makes round (again)
By Jerome Saiz, Fri, November 9th, 2007
A malicious PDF file is being massively spammed. It relies on a vulnerability in Adobe Acrobat discovered late September in order to compromise Windows upon opening it. Users should update their Windows Acrobat Reader to the latest version.
Here we go again : the unpatched Windows URI handling flaw that already led to booby-trapped PDF files being sent out is at work again. Just like the previous attacks this one relies on a malicious PDF file being massively spammed.
Once opened on a vulnerable platform, this PDF file drops a stage-one malware that will disable Windows firewall and then download some more malicious components. The vulnerability leveraged here affects IE7, Adobe Acrobat, and Adobe Reader (version 8.1 or 7.0.9 and earlier) on Windows XP and 2003. Vista is safe from this vulnerability.
Adobe published an updated Acrobat Reader safe from the vulnerability. It can be found here. Microsoft assures a patch for the underlying vulnerability will be out for the Nov,13th cumulative update. Before this, other third-party applications are still at risk.
Print this news
Into IAM ?
The IAM 2008 Series
SecurityNewsletter interviews major Identity & Access Management players to give you the lead on what IAM will be in 2008.