May 162010

Recently, news have been circulating about a new form of phishing attack that doesn’t rely on some unpatched vulnerability; rather, it uses a legitimate feature of Adobe Acrobat to hijack users’ computers.

Sophos Labs offer a detailed description of how it works. (Basically, it’s the ability of Acrobat to open non-PDF attachments that is abused, tricking a user into running an executable program.) They also offer advice on how to disable this feature. I think it’s a darn good idea to follow their suggestion: most of us never deal with PDF documents containing non-PDF attachments anyhow.

 Posted by at 2:21 am