2 edits | reply to abc1234
Re: Browser Redirect to 7.7.7.0 - interesting That's my suspicion, it's a drive-by PDF in a frame that I'm not seeing. I'm normally a heavy adblocker, but you don't have to make those things of a size that is actually visible, and if you're attacking from god knows where, you might not be in the blocklist yet.
As part of my protective strategy I've disabled the PDF plugin in Firefox. Whatever this exploit is, if it came via PDF, it came through Reader 9.0.0 in my case, because I turn off the Adobe autoloader program that normally patches it, and I turn off version checking as well.
Are we aware of something that specifically targets Adobe Reader 9.0.0?
-edit-
Oh, that's useless, I just "updated" reader and it still claims to be version 9.0.0. |
Reviews:
 ·MTS
| 9.0.0.332 is the latest Reader version.
Yes, there are a number of things targeting Reader, and other insecure versions of other programs. QuickTime, Flash player, RealPlayer, and so on. People are getting better at patching their OS, but not so good at third party software. The bad guys want to get in your machine, and they will keep trying to find a way to do it. |
