One of the much-discussed PDF file exploits is circulating in SEO poisoned links. We found it by following links that popped up from a search for �Vanessa Hudgens No Clothes.�
(Click on graphic to enlarge)
The malcode takes advantage of a vulnerability in an out-of-date version of Adobe Reader (version 6.0) and it prompts a victim to download Java if it doesn�t find it on his machine. Adobe Reader 9.4, the current version, isn�t vulnerable.
(Click on graphic to enlarge)
Clicking on the �Available Updates� pop-up window runs the exploit which then installs a downloader that can infect the victim with any one of a rogue�s gallery of malicious code.
(Click on graphic to enlarge)
VIPRE detects it as Exploit.PDF-JS.Gen (v)
Thanks Patrick
Tom Kelchner
No comments:
Post a Comment