Follow:

 

Win32/Pdfjsc


Microsoft security software detects and removes these threats.

This malware family exploit vulnerabilities in Adobe Acrobat and Adobe Reader

The vulnerabilities allow malware to download and run files, inlcuding other malware.

Find out ways that malware can get on your PC.  



What to do now

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find other, hidden malware.

Update Adobe products

Make sure you install all available Adobe updates. You can read more about this vulnerability and download software updates from these links:

It's also important to keep your other software up to date:

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Threat behavior

Installation

Variants of Win32/Pdfjsc may be encountered when visiting a compromised webpage with a vulnerable PC, or as an attachment to an email.

The PDF file contains a malicious JavaScript that exploits a vulnerability, discussed in CVE-2010-0188.

Payload

Downloads files

If Win32/Pdfjsc successfully exploits a vulnerable PC, it can cause the Adobe application to crash, or it may attempt to download and install files from a remote server. These files may be detected as malware.

Some of the vulnerabilities that variants of Win32/Pdfjsc have been known to exploit include:

 Analysis by Shawn Wang and Methusela Cebrian Ferrer

Symptoms

Alerts from your security software may be the only symptom.


Prevention


Alert level: Severe
This entry was first published on: Feb 04, 2011
This entry was updated on: Sep 22, 2014

This threat is also detected as:
No known aliases