Andre Yee's Security Insider

Andre Yee

Adobe Fixes Vulnerability But Problems Persist in the Wild

user-pic
Vote 0 Votes

On Monday, Adobe released a patch a vulnerability in its Adobe Reader software (v 8.1 or earlier, v. 7.0.9 or earlier) exposed by U.K.-based researcher Petko Petkov. The vulnerability makes it possible for the spread of malicious PDF files resulting in Windows machines being taken over, security controls disabled and additional malware files downloaded.

Although the patch was issued on Monday, problems persist in the wild, since many users don't remember to update their Adobe reader software regularly (guilty as charged!). Symantec has identified the threat as Trojan.Pidief.A. The rogue PDF document is attached to spammed e-mail, and arrives with a filename such as YOUR_BILL.pdf or INVOICE.pdf, said Symantec.

Here are few suggestions by Symantec to protect yourself

- Apply the Adobe issued patches
- Block the delivery of PDF files in email.
- Issue advisory to employees to avoid reading or executing PDF files from unknown or untrusted sources.
- Block access to the network and IP address involved in this attack.

An open dialogue about security and compliance for the enterprise.

Andre Yee

Andre Yee is an entrepreneur and technologist with nearly 20 years of experience in the business of technology.

Recently Commented On

Recent Webinars

    Monthly Archives

    Blogs

    ADVERTISEMENT