Home / / New malware exploits Adobe Reader vulnerability

New malware exploits Adobe Reader vulnerability

Users should take steps to avoid being affected as no patch exists

Clever new threat sees users give the malware permission to initiate infection.
Clever new threat sees users give the malware permission to initiate infection.

A new spam attack using tainted Adobe PDF attachments has led to computers around the world being compromised, warn security specialists Fortinet.

Identified as the 'PDF/Pidief.BV!exploit', the threat was ranked second for all worldwide malware activity last month and is said to usually take the form of an attachment in a spam e-mail.

While PDF-based attacks are nothing new, this exploit takes a whole new approach to infection.

Once users try to access the PDF file attached in the e-mail, Adobe Reader launches with a dialog box that asks the recipient to confirm that they'd like to 'open' the file. The malware then automatically drops a malicious Windows 32 executable file in the system, compromising the computer - all with the user's permission.

"What sets PDF/Pidief.BV apart from other PDF threats we are seeing, is that it requires user interaction," said Derek Manky, project manager, cyber security and threat research, Fortinet. "More specifically, a user needs to click on the ‘open' button when prompted by a dialog box to initiate the infection. This threat is another reason why it's imperative for users to carefully read these types of messages when they appear."

Unfortunately no patch exists as yet but Adobe says they are investigating the issue.

In the meantime, the company recommends that users go into the Preferences panel of Adobe Reader, click on Trust Manager in the left pane and clear the check box that says 'Allow opening of non-PDF file attachments with external applications'.