Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Virus carrier exploits adobe vulnerability.

Lumension Security : 25 October, 2007  (Technical Article)
Lumension Security is warning of credible seeming e-mails containing an adobe file carrying malicious content.
A mass mailing malicious file that exploits a bug in Adobe's Acrobat software has been released. It arrives in inboxes disguised as YOUR_BILL.pdf or INVOICE.pdf looking to infect computers before users have time to patch.

Andrew Clarke, Senior Vice President of Lumension Security EMEA (formerly PatchLink) comments:

"It seems the race is on for Windows XP users to protect their PCs - both at home and in the office. Hackers are often looking to exploit holes in software once a fix has been made public by the software vendor and before the user has time to patch. And, it is often human curiosity that proves the Achilles heel of security matters. Computer users need to be suspicious of any Adobe documents named as a 'bill' or 'invoice, until they have applied the latest patch.

"As the receipt of bills and invoices over email becomes more commonplace, it is likely that some unsuspecting users will fall victim to this latest attack. To avoid infection, computer users need to download the latest version of Adobe 8.1.1 to secure their PCs.

"Upgrading to the latest software can be done at the touch of a button for consumers, making it simple to protect against this attack. However, the inconvenience of not being able to use an application straight away makes some users click the 'apply later' option, leaving them exposed for longer. For businesses, applying the latest patch is not so simple - as software alterations must be tested against the individual infrastructure before it is applied. Applying a piece of code that conflicts with your current system could lead to a period of downtime for the user."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo