Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Researchers discover PDF exploit packs

By | September 24, 2008, 9:50am PDT


If you still need a reason to patch that installation of Adobe Reader, pay close attention to this discovery by Secure Computing’s anti-malware research labs.

The group has stumbled upon an exploit pack that exclusively targets PDF vulnerabilities, exposing millions of Windows desktops to malicious hacker attacks.

Secure Computing warns:

This new toolkit targets only PDFs, no other exploits are used to leverage vulnerabilities. Typical functions like caching the already infected users are deployed by this toolkit on the server-side. Whenever a malicious PDF exploit is successfully delivered, the victim’s IP address is remembered for a certain period of time. During this “ban time” the exploit is not delivered to that IP again, which is another burden for incident handling.

Other existing toolkits have also been enhanced with PDF exploits lately. For example we spotted the “El Fiesta” toolkit to have also added exploits for the Portable Document Format.

[ SEE: Flash attack may as well have been zero-day ]

Unpatched third-party desktop applications are a big, big part of the malware epidemic on the Windows platform. As we learned during that Adobe Flash attack earlier this year, end users are very slow to apply these patches, giving the bad guys a huge opening for targeted, localized malware attacks.

I can’t recommend Secunia’s PSI (personal software inspector) highly enough. Please patch now.


Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.


Unfortunately, the US Government Disagrees
TelcoChuck 25th Sep 2008
Imagine the Anti-Trust issues if Microsoft had the ability to patch multiple vendor's products in the monthly patch cycle! Remember the setting of kill-bits is only a courtesy for the vendor and customers according to Microsoft.
0 Votes
.....
Linux User 147560 24th Sep 2008
"Unpatched third-party desktop applications are a big, big part of the malware epidemic on the Windows platform." - which again exacerbates just how much better the Linux ecosystem is about updates... devil
0 Votes
RE: Researchers discover PDF exploit packs
Jared Neale 24th Sep 2008
The linux user above is probably correct about update via the linux system because they are all patched at the same time no matter what program you use.

The problem with Adobe updates is that they include so many extra components in their install that many people turn off the phone home components just to have a functioning PC. If I just want to install Dreamweaver from the Creative Suite installation, why do I need Apple's Bonjour service?
