May Microsoft Patch Tuesday
Microsoft has announced two new patches today to fix vulnerabilities that could allow remote code execution. Both patches are rated Critical by Microsoft and affect Microsoft Windows and Microsoft Office. Gladiator recommends that users with impacted systems apply both Critical patches. Detailed information for the patches can be found in Microsoft’s May Security Bulletin. 
Trojan Malware Sent via PDF Attachment
GSA Reference Number: AD100429-01
Simply Put: A new attack has been detected that attempts to spread data-stealing malicious code via an email with the subject “setting for your mailbox are changed.” Users should not open this email or the attachment. The email includes an infected PDF attachment called “doc.pdf,” which, when opened, runs a set of scripts and executables on the recipient’s computer that infect or spoof various Windows programs and services. The methods used do not require JavaScript in order to execute. Once infected, the machine will then periodically contact malicious Web locations to download and update itself with any of the latest malicious and data-stealing viruses.
April Adobe Patch Release
GSA Reference Number: AD100414-01
Simply Put: Adobe has released a patch for critical vulnerabilities in the Adobe Reader and Acrobat products. Adobe Reader and Acrobat 9.3.1 and earlier versions are confirmed as vulnerable. Many of the vulnerabilities can lead to remote code execution and are likely to become a target of malware authors. Adobe Reader and Acrobat should be patched as quickly as possible on all workstations and servers.
Previous Articles
Gladiator Research and Security
This site is here to provide security related information and articles to better protect your financial institutions. We'll be posting advisories, blog entries and trends often so be sure to check back weekly.