Feb 12, 2008

[Security] Roundup: Adobe and Storm

A roundup of computer security-related posts that I think you should be aware of:

* McAfee Avert Labs Blog reports of an Adobe PDF exploit spreading in the wild. Given the fact that PDF is almost a standard document format, be careful in opening PDFs. Affected Adobe apps are Adobe Reader 8.1.1 and earlier versions; and Adobe Acrobat Professional, 3D, and Standard 8.1.1 and earlier versions. Temporary mitigating measure includes not opening PDF files coming from the Internet. Users are advised to upgrade their Adobe PDF apps.

Techie part: the exploit allows for a JavaScript embedded in a PDF file to download a Trojan. Of course, you have to open the PDF file first.

Really techie part: vulnerability reports by Securiteam (with suggested workaround) and iDefense.

* And this month being the season for love (yeah, right), expect to get a lot of spam exploiting Valentines Day. TrendLabs Malware Blog warns people that the most prolific worm of 2007 (and most prolly 2008), Storm, is exploiting this event. These spam emails contain links to Web sites. DO NOT CLICK ON THOSE LINKS, of course.

No comments:

Post a Comment