Tuesday, February 24, 2009

Yet Another Reason To Hate PDFs

"Attackers inserted malware into ads in an apparent attempt to get users to download rogue antivirus. The malware authors attempted to exploit a patched vulnerability affecting Adobe Acrobat and Reader that is unrelated to reports last week of a zero-day bug. eWEEK.com and other Ziff Davis Enterprise sites were affected, though the ads were taken down shortly after the situation was discovered and the site is now clean.

"Attackers infected some advertisements on the eWEEK.com Web site in an apparent attempt to get readers to download a rogue antivirus. eWEEK has found the exploit and removed any infected code from its Web site.

"Although the exploit involved a bug affecting Adobe Reader and Adobe Acrobat, it is not related to the zero-day bug publicized last week, and is detected by Symantec as `bloodhound.exploit.213.`

"The infected code was found early Feb. 24 and the infected ads were removed from the eWEEK site within a short time. The eWEEK Web site is now working without any problems."

Read more - if you dare - at eWeek...

No comments: