Spam campaigns that target Adobe users are rather common, but there are always some users that haven't heard about them and fall for the scam that offers them a fake upgrade of Adobe Reader (which is free but offers minimal PDF creation capabilities) that should supposedly allow them to get the features present in Adobe Acrobat (commercial software used for generating PDF documents).
Streaming music service Spotify has been displaying malicious ads to users of their Free version. The ads lead to websites that used the Blackhole Exploit Kit to infect users with the Windows Recovery fake AV application.\r\n\r\n\r\nPatrick Runald, Websense Security Labs, comments: \"Malvertising is nothing new, but this case is slightly different. Usually malicious ads are displayed as part of a website and viewed with the browser. In this case the malicious ad is actually displayed inside the Spotify application itself. This means that it\'s enough that the ad is just displayed to you in Spotify to get infected, you don\'t even have to click on the ad itself.
Critical vulnerabilities have been identified in Adobe Reader X (10.0) for Windows and Macintosh; Adobe Reader 9.4.1 and earlier versions for Windows, Macintosh and UNIX; and Adobe Acrobat X (10.0) and earlier versions for Windows and Macintosh.
GFI Software revealed continuing high levels of rogue security products circulating during January, and a surge in malware that takes aim at vulnerabilities within Adobe Reader and the PDF file format – two of the top 10 detections are aimed at exploiting holes within Adobe.\r\n\r\n\r\nAs was the case in December 2010, seven of the top 10 malware detections were Trojans, with those seven accounting for almost 34% of all malware detections for the month.\r\n\r\nThreatNet also revealed an increase in the FakeVimes rogues that were reported last month, when FraudTool.Win32.FakeVimes!delf (v) hit the number nine spot with .73 percent of all detections.\r\n\r\nThis represents a VIPRE heuristics detection for malicious code associated with the FakeVimes family of rogue security products, illustrating the continued growth of fake and compromised security applications as a means to circulate and covertly install malware onto PCs.\r\n\r\nIn January, a detection of PersonalInternetSecurity2011.FakeVimes (.64 percent of detections) was at the number 12 spot and the top 50 also included Antivirus8.FakeXPA, FraudTool.Win32.FakeVimes!VB (v) and Win32.FakeVimes!delf (v). There are approximately 17 rogues that are considered members of the FakeVimes family. They first appeared in January of last year.\r\n\r\nTwitter users fell victim to a fake antivirus software scam in January as a number of accounts began distributing links promoting rogue security software. The attack used Google\'s Web address shortening service to conceal the links\' destination.\r\n\r\nTwitter worked to reset passwords, but there is no telling how many users were led to malicious sites due to this phishing attack.
Critical vulnerabilities have been identified in Adobe Reader 9.4 (and earlier versions) for Windows, Macintosh and UNIX, and Adobe Acrobat 9.4 (and earlier 9.x versions) for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. In addition to addressing CVE-2010-3654 noted in Security Advisory APSA10-05 and CVE-2010-4091 referenced in the Adobe PSIRT blog ("Potential issue in Adobe Reader"), these updates also incorporate the Adobe Flash Player update as noted in Security Bulletin APSB10-26. Adobe recommends users of Adobe Reader 9.4 and earlier versions for Windows and Macintosh update to Adobe Reader 9.4.1, available now.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.