Adobe recently used its security blog to announce a newly discovered threat targeting the PDF format and Reader software. Users running Mac, Windows and UNIX platforms are at risk from an exploit which could be used to insert a Trojan known as ‘Troj_Pidief.Uo’. This malware creates a backdoor into your system through which complete control can be taken.
The Trojan itself is transmitted through an infected PDF file with an embedded JavaScript agent. At the time Adobe suggested that turning off Java would reduce the risk of infection, although there was no confirmation that this temporary solution would work in all scenarios. The potential for the creation of a similar Trojan which does not require the Java element was also highlighted, which would render simply turning off Java entirely ineffective. Users of Windows Vista with Data Execution Prevention (DEP) activated are automatically protected from infection. The malware affects all versions of Acrobat up to and including 9.1.3. Continue reading