Follow:

 

Exploit:Win32/Pdfjsc


Microsoft security software detects and removes these threats.

Win32/Pdfjsc are a family of malicious PDF files that exploit vulnerabilities in Adobe Acrobat and Adobe Reader

The vulnerabilities allow malware to download and run arbitrary files.



What to do now

The following Microsoft software detects and removes this threat:

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

Update Adobe products

Make sure you install all available Adobe updates. You can read more about this vulnerability and download software updates from these links:

It's also important to keep your other software up to date:

Threat behavior

Installation

Variants of Win32/Pdfjsc may be encountered when visiting a compromised webpage with a vulnerable PC, or as an attachment to an email.

The PDF file contains a malicious JavaScript that exploits a vulnerability, discussed in CVE-2010-0188.

Payload

Downloads arbitrary files

If Win32/Pdfjsc successfully exploits a vulnerable computer, it may cause the Adobe application to crash, or it may attempt to download and install arbitrary files from a remote server. These downloaded files may be detected as malware.

Some of the vulnerabilities that variants of Win32/Pdfjsc have been known to exploit include:

 Analysis by Shawn Wang and Methusela Cebrian Ferrer

Symptoms

Alerts from your security software may be the only symptom.


Prevention


Alert level: Severe
First detected by definition: 1.59.114.0
Latest detected by definition: 1.173.2181.0 and higher
First detected on: May 22, 2009
This entry was first published on: May 28, 2009
This entry was updated on: Oct 04, 2013

This threat is also detected as:
No known aliases