Beware of shady PDF documents and use alternative software
Last week, we learned that an Adobe Reader zero-day was being offered to select “customers” in the criminal underground. Since the company has yet to come up with a patch for the issue, experts share some advice on how you can protect your computer against attacks that leverage the vulnerability.Considering that the exploit is sold for as much as $50,000 (39,000 EUR) on the black market, and that it might soon be incorporated (if it hasn’t already) into the BlackHole exploit kit, a large number of users might be affected by it.
According to Trend Micro researchers, one of the main things internauts must know is that the exploit will most likely rely on maliciously crafted PDF documents.
Users should refrain from opening documents received from unknown or untrusted sources. Companies should educate their employees to make them aware of the risks.
Until Adobe comes up with a patch, experts recommend the use of alternative readers such as Foxit or the one that’s integrated into Google Chrome.
Finally, Trend Micro customers using Deep Security and OfficeScan with Intrusion Defense Firewall can assign a number of rules to their endpoints. These rules don’t make the systems bulletproof, but they do provide an extra level of security.