It begins . . . (PDF spam run)


F-Secure is reporting that a PDF spam run has started that exploits the Adobe URI handler vulnerability (that is really sort of our vulnerability – where Acrobat is simply the current attack vector).


Couple things:



  1. The Adobe Acrobat update has been released as of October 22nd so make sure you update Acrobat ASAP.

  2. If you can’t update Acrobat – you can enable the workaround they list in their bulletin that I link to above.

I want to give props to Adobe for having the foresight to include the ability to selectively disable features and functionality of the product like that! 


Comments (3)

  1. Anonymous says:

    If you haven't update your Adobe Reader to v8.1.1, you better to do it NOW. The vulnerability is

  2. Anonymous says:

    The Microsoft Security Response Center (MSRC) : MSRC Blog: October 25th Update To Security Advisory 943521

  3. Anonymous says:

    The Microsoft Security Response Center (MSRC) : MSRC Blog: October 25th Update To Security Advisory 943521