« Ann Coulter Hacked | Main | Top 10 Most Vulnerable Apps for 2007 »

On Monday, Adobe released a patch a vulnerability in its Adobe Reader software (v 8.1 or earlier, v. 7.0.9 or earlier) exposed by U.K.-based researcher Petko Petkov. The vulnerability makes it possible for the spread of malicious PDF files resulting in Windows machines being taken over, security controls disabled and additional malware files downloaded.

Although the patch was issued on Monday, problems persist in the wild, since many users don't remember to update their Adobe reader software regularly (guilty as charged!). Symantec has identified the threat as Trojan.Pidief.A. The rogue PDF document is attached to spammed e-mail, and arrives with a filename such as YOUR_BILL.pdf or INVOICE.pdf, said Symantec.

Here are few suggestions by Symantec to protect yourself

- Apply the Adobe issued patches
- Block the delivery of PDF files in email.
- Issue advisory to employees to avoid reading or executing PDF files from unknown or untrusted sources.
- Block access to the network and IP address involved in this attack.

Posted by andreyee in Alerts/Warnings |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2797