[Steve]

Adobe is offering a software update to fix a security flaw in the Adobe Acrobat and free Adobe Reader product which is used to read the popular PDF document format. The update, brings the latest versions of Adobe Reader and Acrobat to versions 8.1.1 and fixes a vulnerability that only affects Microsoft Windows XP and Windows Server 2003 users who use Internet Explorer 7.

Adobe says the flaw also exists in version 7.0.9 of Adobe Acrobat and Adobe Reader, but that a fix for that version will be released in a separate update.

Symantec Corp has said that a malicious PDF document that exploits bugs in the Acrobat software is already in the wild. "This mass mailing of exploit files may be an attempt to leverage the exposure window between patch release and widespread adoption of the fix," said Symantec in a warning to customers of its DeepSight threat intelligence network.

The rogue PDF document is attached to a spammed e-mail, and arrives with a filename such as YOUR_BILL.pdf or INVOICE.pdf, said Symantec. It exploits the "mailto:" protocol vulnerability disclosed more than a month ago by U.K.-based researcher Petko Petkov.

When recipients open an 'attacking' PDF, it launches a Trojan horse dubbed "Pidief.a" that knocks out the Windows firewall and then downloads anotherpiece of Malware to the compromised computer. That second piece of attack code is a dedicated downloader that can retrieve files from a remote server and, at the attacker's command, pull them onto the hacked PC.

The problem is related to a published vulnerability relating to URL Handling in Windows, which Microsoft has yet to address at source - and it has affected several types of third-party software of which Adobe has been the most recent to circumvent with its own fix.

If you use Windows XP and Internet Explorer 7, you should update Acrobat and Acrobat Reader without delay using the Adobe patch download link below.
You may also want to consider using an alternative program to read PDF files - as mentioned in the Washington Post article linked below.
-------------------------------------------------------------------------------------------------------------------

W E B L I N K S
Washington Post: Adobe Fixes Reader, Acrobat Vulnerabilities - Security Fix

Microsoft Advisory: Microsoft Security Advisory (943521): URL Handling Vulnerability in Windows XP and Windows Server 2003 with Windows Internet Explorer 7 Could Allow Remote Code Execution
Adobe Advisory: Adobe - Security Advisories : APSB07-18: Adobe Reader and Acrobat vulnerability
Adobe patch download: Adobe - Adobe Reader : For Windows : Adobe Reader 8.1.1 update - multiple languages