Currently malicious PDF documents find their way into the mailboxes of internet users. They abuse a new security hole in Adobe Reader and Acrobat to infect the computer with malware.Adobe is investigating the yet unknown security vulnerability. Avira users are already protected though: The antimalware solutions from the german IT security company detect the malicious PDF files generically without updates as HTML/Malicious.PDF.Gen.
When opened with the vulnerable Adobe programs, the PDF file injects code which downloads further malware. The embedded JavaScript in the document checks if the version of Adobe Reader is 8 or higher.
The trojan that Avira detects as TR/Drop.Agent.DT with VDF version 7.10.01.243 gets stored as "winver32.exe" in the windows directory. It downloads 3 malicious files which Avira detect as BDS/Ientlcp.A, TR/Agent.faa and TR/Agent.HO. Until Adobe releases Updates for Reader and Acrobat, users should be careful and don't open PDF documents which they receive unexpectedly.
You can use Avira AntiVir - Download here
No comments:
Post a Comment