If you still need a reason to patch that installation of Adobe Reader, pay close attention to this discovery by Secure Computing's anti-malware research labs.The group has stumbled upon an exploit pack that exclusively targets PDF vulnerabilities, exposing millions of Windows desktops to malicious hacker attacks.
This new toolkit targets only PDFs, no other exploits are used to leverage vulnerabilities. Typical functions like caching the already infected users are deployed by this toolkit on the sever-side. Whenever a malicious PDF exploit is successfully delivered, the victim’s IP address is remembered for a certain period of time. During this “ban time” the exploit is not delivered to that IP again, which is another burden for incident handling.
Other existing toolkits have also been enhanced with PDF exploits lately. For example we spotted the “El Fiesta” toolkit to have also added exploits for the Portable Document Format.
Unpatched third-party desktop applications are a big, big part of the malware epidemic on the Windows platform. As we learned during that Adobe Flash attack earlier this year, end users are very slow to apply these patches, giving the bad guys a huge opening for targeted, localized malware attacks.