All the latest UK technology news, reviews and analysis
|
|
|
24 Oct 2007
Online criminals have started targeting a vulnerability in Adobe's PDF reader.
Attackers are exploiting the vulnerability through email messages with a specially crafted PDF attachment that is labelled bill.pdf or invoice.pdf. A known vulnerability in the way that the documents are handled subjects recipients to arbitrary code execution, which allows the attacker to recruit a system as part of a botnet or install other malware.
The release of the exploit follows days after a security researcher published a proof of concept for the flaw on 17 October. Adobe released a patch for the vulnerability on Monday 22 October.
Details about the vulnerability were published in late September on the GNU Citizen blog. The blog at the time didn't provide proof of concept (PoC) code, because the author anticipated that Adobe would be slow in creating a patch.
The speedy release of attack code following the proof of concept publication once again illustrated that PoC code can easily be turned into a live attack.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
Orange and Intel talk us through the ins and outs of their San Diego smartphone
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Lead/Project Engineer Microsoft VMware SAN Networking...
SENIOR APPLICATION TESTER. Assen, Netherlands. €1k-€1...
Project Manager - Trading Systems - up to £85'000...
SAS Senior Analyst- up to £55,000 Industry: Marketing...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?