Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us

    We got hold of an exploit targeting the vulnerability Adobe reported in its most recent security advisory.

    The exploit, detected as TROJ_ADOBFP.B (now detected as TROJ_ADOBFP.SM), takes advantage of the referenced vulnerability to drop another malicious file detected as TROJ_DROPPER.ADO.

    TROJ_ADOBFP.B arrives in users’ systems as a malicious .SWF file that has been embedded into an .XLS file. This .SWF file contains the code for the exploit. TROJ_DROPPER.ADO, on the other hand, drops another malicious file detected as BKDR_COSMU.KO. BKDR_COSMU.KO connects to a URL to execute certain commands. It also retrieves information from the affected system such as drive information, OS, file or directory list, as well as a list of existing processes and services.

    The vulnerability related to this threat affects the following software and their corresponding versions:

    • Adobe Flash Player 10.2.152.33 for Windows, Macintosh, Linux, and Solaris OSs
    • Adobe Flash Player 10.1.106.16 and earlier versions for Android
    • Adobe Reader and Acrobat X (10.0.1) for Windows and Macintosh OSs (specifically the Authplay.dll component)

    Adobe posted a schedule for the release of security updates that will address this vulnerability. All affected versions, except Adobe Reader X, will be patched on March 21. The update for Adobe Reader X will be released on June 14. Until the updates are released, users are advised to be extra careful, especially when dealing with .XLS files coming from unknown users.

    Update as of March 22, 2011, 12:50 AM Pacific Time

    Adobe released the security updates for Adobe Flash Player and Adobe Reader and Acrobat. More information on the said updates can be found in the following pages:

    Users are strongly advised to apply the said updates as soon as possible.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice