Viruses/Worms News

Gumblar Trojan exploits Adobe Reader and Acrobat security hole

Wednesday, October 21, 2009

A security flaw in Adobe Reader and Acrobat is being actively exploited by cyber attackers with malicious PDFs. Security researchers at IBM's web security labs have seen a surge in attacks on this security vulnerability.

IBM researchers said on the Frequency X Blog that variants of the Gumblar Trojan are attacking security holes in Microsoft Office, web browser and Adobe products, but most of the attacks are aimed at Adobe Acrobat and Reader.

"Here in Managed Security Services, we've noticed a considerable elevation in our global hits on malicious PDF files," the IBM researchers said on the blog. "More specifically, the signature used to detect the latest Adobe Reader Remote Code Execution has picked up most of the activity."

Adobe disclosed the security vulnerabilities in its October 13 batch of security patches and recommends users of Adobe Reader 9.1.3 and Acrobat 9.1.3 and earlier versions update to Adobe Reader 9.2 and Acrobat 9.2.

The security bulletin from Adobe on the flaw said remote code execution could allow an attacker to take control of a user system if a victim opens a PDF file infected with the virus.
ADNFCR-1765-ID-19419559-ADNFCR

Related News:

Researchers: Malware attackers reloading for Windows 7 assaults - 11.20.2009
A report issued yesterday by computer security firm Symantec says that hackers are undoubtedly reworking their malicious software to target Windows 7 as more users switch to the latest version of Microsoft's flagship OS.

Want to secure your iPhone against intruders? There's an app for that - 11.20.2009
Cisco Systems today released a free iPhone app that will allow users to receive security updates and the latest news on web threats, as well as aggregating additional security related content for iPhone users.

Microsoft says 64-bit versions of Windows are harder to infect - 11.19.2009
Members of Microsoft's security team write that 64-bit editions of Windows are much less susceptible to malware attacks, but outside experts caution that 64-bit malware could be the next big thing in cyber crime.

Google coming down hard on malicious advertisers - 11.18.2009
Search giant Google has said that it will lay down the law where scam artists and malvertisers are concerned: Permanent bans will be the result of any fraudulent activity on the company's AdWords service.

If at first you don't succeed: Most malware protection fails first round of certification testing - 11.17.2009
A study performed by security testing and research firm ICSA Labs says that almost four out of five computer security products fail their first certification tests and need to be retooled for a second and sometimes a third attempt.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now