Gladiator Research and Security

GSA Reference Number: AD100429-01

Simply Put: A new attack has been detected that attempts to spread data-stealing malicious code via an email with the subject “setting for your mailbox are changed.”  Users should not open this email or the attachment. The email includes an infected PDF attachment called “doc.pdf,” which, when opened, runs a set of scripts and executables on the recipient’s computer that infect or spoof various Windows programs and services.  The methods used do not require JavaScript in order to execute.  Once infected, the machine will then periodically contact malicious Web locations to download and update itself with any of the latest malicious and data-stealing viruses.

GSA Reference Number: AD100414-01

Simply Put: Adobe has released a patch for critical vulnerabilities in the Adobe Reader and Acrobat products.  Adobe Reader and Acrobat 9.3.1 and earlier versions are confirmed as vulnerable.  Many of the vulnerabilities can lead to remote code execution and are likely to become a target of malware authors.  Adobe Reader and Acrobat should be patched as quickly as possible on all workstations and servers.

Microsoft has announced 11 new patches today to fix vulnerabilities that could allow remote code execution, denial of service, elevation of privileges, and spoofing.  Five patches are rated Critical by Microsoft and affect Microsoft Windows.  Five patches are rated Important by Microsoft and affect Microsoft Windows and Microsoft Office.  One patch is rated Moderate and affects Microsoft Windows.  Gladiator recommends that users immediately apply the Critical patches. Detailed information for the patches can be found in Microsoft’s April Security Bulletin.