The new zero-day vulnerability in Adobe Reader may have some people wondering if there’s a way to use Portable Document Format (PDF) files more safely. The answer is yes: you can reduce your risk in using PDF files. Here’s how. First of all – and this can’t be stressed enough – keep your PDF reader…
Read MoreZero-day season is far from over as reports indicate that an exploit was found targeting zero-day vulnerabilities for certain versions of Adobe Reader. This discovery came on the heels of the recent Adobe Flash Player incident that occurred last week. In the related samples we gathered, the exploit is disguised as a .PDF file (detected…
Read MoreCyber criminals have now updated their PDF exploits to include the getIcon() vulnerability (CVE-2009-0927). We currently detect this as TROJ_PIDIEF.OE. As usual, we highly encourage users to update now to the latest versions of Adobe Acrobat and Adobe Reader (if you haven’t yet). Reading the security advisory by Adobe closely, we see that this issue…
Read MoreThe Portable Document Format, or PDF for short, has always been a popular way of distributing documents. It’s no surprise then that cybercriminals have tried to use it as a means of spreading malicious files. Yesterday, the Shadowserver Foundation underlined the severity of this problem when they released details about a new vulnerability in versions…
Read MoreWe have discovered a new Adobe Reader/Acrobat exploit (detected since 24 June 2008 as TROJ_PIDIEF.AC) hosted on the following URL: http://{BLOCKED}e-actions.com/secure.cgi?… The vulnerability targeted by this Trojan causes Adobe Acrobat to execute arbitrary malicious code that downloads and executes a file found in: http://{BLOCKED}e-actions.com/secure.cgi?… The downloaded file is saved inside a temporary folder as Eyal.exe….
Read More