A month ago, Adobe released a critical security patch to its famous software Adobe Reader. The flaw allowed the remote attacker to install a Trojan backdoor into the infected system, capable of taking control of it. According to Microsoft's Threat Research and Response blog, its researchers have discovered a circulating PDF-based attack that hooks into the published flaw, CVE-2010-0188.
Upon opening the malicious PDF files, vulnerable versions of the Adobe software crash. In the background, malicious code gets executed. After that, in the system root directory "C:\" it creates a malware file named "a.exe". The dropped executable, which is actually embedded into the PDF file, tries to connect to a certain location on the web to download other harmful files. The dropped malware is indicated by Microsoft`s researchers as TrojanDownloader:Win32/Qaantiz.A.
The security hole was found on Adobe Acrobat and Adobe Reader up to 9.3.0 for Windows, Apple and Unix. Older versions of Acrobat and Reader like 8.2.0 are also affected. Knowing the widespread usage of Adobe`s Reader, it is not hard to say that hundreds and thousands computers are running some older versions and are still vulnerable to this threat.
Adobe Reader`s users should check the latest version of the software they are running. In this way they could cope with this issue. Computer users can pull down the 'help' menu and click on 'check for updates,' or they can download the latest standalone version of Adobe Reader.