In the wild: Malicious PDF files; Which AV will detect it?

If you haven’t updated your Adobe Reader to v8.1.1, you had better do it NOW.

The vulnerability is being exploited now and yup, it’s in the wild because I received copies already.  Screenshots at http://www.dozleng.com/updates/index.php?showtopic=16119 

Adobe fixed the security issue by releasing v8.1.1.  See their advisory here and please update NOW.

Microsoft updated their security advisory on the above due to the increased threat level.

Read Symantec's write-up on what they detected and blocked in the email I received: Bloodhound.Exploit.163 – Bloodhound.Exploit.163 is a heuristic detection for PDF files attempting to exploit the Adobe Acrobat Mailto Unspecified PDF File Security Vulnerability.

See also: http://blogs.technet.com/robert_hensing/archive/2007/10/26/it-begins-pdf-spam-run.aspx (Thanks to MVP Susan Bradley for the link)

Update: Go to http://www.dozleng.com/updates/index.php?showtopic=16119 to see the VirusTotal.com scan results and find out which malware scanners are FAST at detecting malicious files that are IN THE WILD.
