Exploit:Win32/Pdfjsc.RJ is the detection for specially-crafted PDF files that exploit the vulnerability in Adobe Acrobat and Adobe Reader described in CVE-2010-0188. It connects to certain web servers to download other files, which may be malicious.

Exploit:Win32/Pdfjsc.RM is a detection for a PDF file that contains an obfuscated malicious JavaScript that attempts to contact remote hosts in order to download arbitrary files.

Exploit:Win32/Pdfjsc.XK is a PDF file that exploits certain vulnerabilities in Adobe Acrobat and Adobe Reader. Successful exploitation of these vulnerabilities may result in the execution of arbitrary code.

Exploit:Java/Blacole.AT is the detection for the 'Option.class' Java class module included in a JAR archive that is part of the "Blackhole" exploit pack. The JAR file is an applet that exploits the vulnerability in Java Runtime Environment described in CVE-2010-0840.

Exploit:Win32/Pdfjsc.YE is a specially-crafted Portable Document File (PDF), which exploits a vulnerability in Adobe Acrobat and Adobe Reader discussed in the following articles:

• CVE-2010-0188
• APSB10-07

When executed in a vulnerable version of Adobe Acrobat or Adobe Reader, it attempts to download a certain file.

Exploit:Java/CVE-2010-0094.AX is a Java-based malware that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive, and makes it possible for untrusted code to gain full privileges at the level of the user's browser security scope.

TrojanDownloader:Java/OpenConnection.HB is a Java based malware that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive, and makes it possible for untrusted code to gain browser security privileges under the user's account.

Exploit:Win32/Pdfjsc.YQ is a specially-crafted Portable Document File (PDF), which exploits vulnerabilities in Adobe Acrobat and Adobe Reader discussed in the following articles:

• CVE-2009-0927
• CVE-2010-0188

Exploit:JS/Blacole.AV is a malicious JavaScript that attempts to exploit several vulnerabilities in Adobe Acrobat and Reader. If the exploit is successful in compromising a vulnerable host, it could result in downloading and executing other malware.

Exploit:JS/ShellCode.AJ is a detection for certain malicious JavaScript code that is embedded within HTML files.

Exploit:Win32/Pdfjsc.AAP is the detection for specially-crafted PDF files that target software vulnerabilities in Adobe Acrobat and Adobe Reader. The vulnerabilities, discussed in CVE-2010-0188, could allow a remote attacker to cause a denial of service or application crash or possibly execute arbitrary code.

Exploit:Win32/Pdfjsc.AAV is the detection for specially-crafted PDF files that target a software vulnerability in Adobe Acrobat and Adobe Reader.

Exploit:MacOS_X/MS09-027.A is a malicious Microsoft Word document that attempts to exploit a known vulnerability in Microsoft Office for Mac. The vulnerability was resolved with the release of Microsoft Security Bulletin MS09-027.

Exploit:MacOS_X/MS09-027.A drops other malware into your computer.

Exploit:Win32/Pdfjsc.ABG is the detection for specially-crafted PDF files that target a software vulnerability in Adobe Acrobat and Adobe Reader (described in CVE-2010-0188) that could result in execution of arbitrary code.

Exploit:Win32/Pdfjsc.ADF is the detection for specially-crafted PDF files that target software vulnerabilities in Adobe Acrobat and Adobe Reader. The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

Exploit:JS/Coolex.A is script contained within an exploit pack known as the "Cool Exploit Kit". It can install arbitrary malware on your computer, including variants from the Trojan:Win32/Reveton family of ransomware trojans that may lock your computer and demand payment of a supposed fine.

For more information on ransomware, please see our FAQs at http://www.microsoft.com/security/portal/Shared/Ransomware.aspx.

Exploit:JS/Cooexp.A is script contained within an exploit pack known as the "Cool Exploit Kit". It can install arbitrary malware on your computer.

Exploit:Win32/Pdfjsc.AGC is a malicious PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.

The vulnerabilities, discussed in CVE-2010-0188, allow this malware to download and run arbitrary files.

The following versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:

• Adobe Acrobat and Adobe Reader earlier than 8.2.1
• Adobe Acrobat and Adobe Reader earlier than 9.3.1

Install updates to prevent infection

This malware exploits known vulnerabilities.

You should always install the latest updates available from the software vendor to prevent reinfection from this threat, and possible infection from other threats.

Download updates for Adobe products from the following link:

• Updating Software