Wednesday, 24 October 2007

1-Day Acrobat flaw being exploited

Source: The Register

One day after the release of the secutiry patch, spammers are exploiting a flaw in Adobe Acrobat via malicious PDF attachments. "The code and servers used in the attack are nearly identical to September 2006 Vector Markup Language (VML) zero-day attacks that took place one year ago."

1 comment:

The Famous Brett Watson said...

According to a further article on The Register, the exploit is being used to deploy a variant of Gozi, which snoops on traffic being sent over HTTPS. Thankfully, however, the spam run used to deploy the malware was relatively inept.