Video Screencast Help
Search Video Help Close Back
to help

Symantec Intelligence

Showing posts tagged with PDF
Showing posts in English
A New Zero Day PDF Exploit used in a Targeted Attack
Tony Millington | 07 Dec 2011 | 1 comment

With contributions from Manoj Venugopalan, Senior Malware Analyst, Symantec

Introduction
A new day and a new zero day PDF exploit used in a Targeted attack which our Skeptic heuristic engine stopped. This one exploits a vulnerability in the 3D engine in Adobe Reader (CVE-2011-2462 http://www.adobe.com/support/security/advisories/a...) which is often used to display a 3D wire mesh object that you can rotate and view from all angles in real time. An architect might use it to mock up a plan for a building that the customer can view from within the PDF, very cool. However, the more functions you add to your software, the more chance there is to exploit the format.

Details
The targeted attack against Adobe Reader 9.4.6 on Windows was sent in 5 emails originally on the...

Read more
The PDF Exploit: Same Crime, Different Face
Paul Wood | 06 Apr 2011 | 0 comments

Posted on behalf of Jason Zhang and Joseph Rabaiotti, Malware Research Analysts, Symantec.cloud

 

Portable document format (PDF) is one of the most commonly used file formats with which to exchange electronic documents across platforms and applications. Because of its popularity, it has been heavily used in both targeted and non-targeted attacks, as reported by MessageLabs Intelligence Monthly Report (PDF) in February 2011 and a blog post in January 2011. According to the report, PDFs now account for a larger proportion of document-based targeted attacks; in 2009 approximately 52.6% of targeted attacks used PDF exploits, compared with 65.0% in 2010.

In 2011, we have seen no sign of...

Read more