A wave of malicious PDF files have been identified by ESET.
The company has reported that malicious PDFs have been created to exploit security flaws in PDF reader software with more than 25,000 attacks involving this type of file identified in the last two weeks.
Attackers are exploiting two vulnerabilities in Adobe Acrobat Reader to execute arbitrary code on computers, and are installing malware. Although versions of Adobe Acrobat Reader higher than 8.1.1 are not vulnerable to these attacks
ESET claimed that it had ‘seen malicious PDFs being distributed as email attachments but also in exploitation packs like NeoSploit that use this file as another way to attack web browsers.'
See original article on scmagazineuk.com
Malicious PDF files identified
By SC Australia Staff on Oct 20, 2008 10:03AM