Site Archives PDF
Trojan Malware Sent via PDF Attachment
GSA Reference Number: AD100429-01
Simply Put: A new attack has been detected that attempts to spread data-stealing malicious code via an email with the subject “setting for your mailbox are changed.” Users should not open this email or the attachment. The email includes an infected PDF attachment called “doc.pdf,” which, when opened, runs a set of scripts and executables on the recipient’s computer that infect or spoof various Windows programs and services. The methods used do not require JavaScript in order to execute. Once infected, the machine will then periodically contact malicious Web locations to download and update itself with any of the latest malicious and data-stealing viruses.
New Critical Adobe Acrobat / Reader Vulnerability
GSA Reference Number: AD091215-01
Simply Put: A new Adobe Acrobat/Reader remote code execution vulnerability has been observed in targeted attacks on the Internet. This vulnerability has been confirmed by Adobe; however, no patch is available at this time. Adobe Reader and Acrobat 9.2 and earlier versions are confirmed as vulnerable. Although this vulnerability is not in widespread use as of yet, Gladiator believes it will become so in the near future.
Adobe Releases Patch for Critical Acrobat Vulnerability
GSA Reference Number: AD090513-01
Simply Put: Adobe has released a patch for the critical vulnerability affecting its Acrobat products. This vulnerability was previously discussed in Gladiator Advisory AD090430-01 on April 30th, stating that all versions of Adobe Reader and Adobe Acrobat, on all operating systems, are affected by a Critical JavaScript Vulnerability.
New Adobe Acrobat and Reader Vulnerability
GSA Reference Number: AD090220-01
Simply Put: Adobe Acrobat 9 and Reader 9 and earlier versions contain an unpatched critical vulnerability that allows arbitrary code execution. Adobe has released an advisory on this issue, but a patch will not be released until March 11th. A workaround has been published that will prevent code execution, but the application will still crash.
BlackBerry Enterprise PDF Processing Vulnerability
GSA Reference Number: AD080717-01
Simply Put: BlackBerry Enterprise Server has a new vulnerability in its attachment processing engine. Basically, if an attacker attaches a maliciously formatted PDF file to an email and sends it to a BlackBerry user, the server processing the attachment could become compromised. The BlackBerry user would have to view the email attachment on his phone to trigger the attack. This is a vulnerability in the BlackBerry server and not BlackBerry phones. If this attack is successful, arbitrary code could be run on the Enterprise Server.
Find It Quickly
Find what you're looking for quickly by using our keyword search. Can't find it? Try our links below.
Monthly Archives
Find posts by the month they were written.
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007