[StBernard] New PDF Attack Making the Rounds

Westley Annis Westley at da-parish.com
Wed Oct 24 23:01:17 EDT 2007

==== IN THE NEWS ================================

New PDF Attack Making the Rounds
by Paul Thurrott, thurrott at windowsitpro.com

With today's OSs providing more security controls than ever, malicious
hackers are turning to unpatched applications as a way to infiltrate
users' systems. This week, a malicious PDF document that exploits
security flaws in Adobe's popular Adobe Reader and Acrobat software,
and in Microsoft Internet Explorer (IE) on Windows XP and Windows
Server 2003, is making its way across the Internet, threatening to
compromise PCs around the globe.

Adobe has actually fixed the flaw already, and it shipped a free
update on Monday for users of the latest versions of its software. But
many Adobe customers don't regularly update their software--or, in
millions of cases, don't even remember the software is on their
PCs. And Adobe has yet to ship an update for older versions of Reader
and Acrobat. All of those users are still at risk.

But Adobe isn't completely to blame. The attack takes advantage of a
mailto: flaw in the IE 7 version for XP and Windows 2003 to spam
the malicious document as an email attachment. The document typically
has a name like YOUR_BILL.pdf or INVOICE.pdf, and launches a Trojan
horse attack called Pidief.a when the document is opened. This Trojan
shuts down the PC's firewall and downloads other malware directly to
the PC, thus compromising the machine and putting it under the control
of remote hackers.

Although Microsoft plans an IE patch and Adobe has pledged to update
earlier Reader and Acrobat versions, a little common sense will go a
long way toward combating this problem. As is always the case, users
are cautioned against opening unexpected email attachments from unknown
senders. And systems administrators are advised to temporarily block
the delivery of PDF files via email attachment.
