Register

To become a member of ITProPortal Register here.

Already a member? Login here

Please register below. All we need is a valid email address and a password.

Please use a real email address as we need to email you to confirm your account.
Must be at least 6 characters long.

Benefits of joining ITProPortal:

  • Unlimited Access to Special Reports and White Papers
  • Exclusive offers and discounts
  • Free entry to all competitions
  • Access to beta sections of ITProPortal.com

Login to your account



Forgot your password?

Submit
Register
Cancel

If you have Adobe Acrobat 7 or 8, makes sure it's updated

If you have Adobe Acrobat 7 or 8, makes sure it's updated
  • Digg del.icio.us reddit Facebook

Our good friends over at iDefense sent us a heads-up on some nastiness occurring with unpatched Adobe Acrobat 7 and 8 versions.

According to their advisory (attached here, PDF):Since Jan. 20, 2008, banner ads have actively served malicious PDF files that exploit the vulnerability and install the Zonebac Trojan horse. 

 A similar attack occurred in October 2007 when the same group used a Realplayer zero-day exploit to install the Zonebac Trojan.

No anti-virus vendors currently detect the malicious PDF files. This type of exploit can be used in Web browser and email attack vectors. This vulnerability affects Adobe Acrobat Reader v7.x and versions prior to 8.1.2. Complete mitigation requires upgrading to Adobe Acrobat 8.1.2.

Adobe security advisory link here.

We’ve analyzed the binaries of this attack and it’s real. Updating Acrobat is easy: Just go to Help/Check for Updates. Do it as quickly as possible.

You are reading page 1 of 1
1

Posted by Alex Eckelberry on 10 Feb. 2008

Tags: Trojans, Virus, adobe