By Mark Huffman
June 11, 2010
Avoiding computer viruses and malware isn't nearly as easy as it used to be. Cybercriminals are staying two or three steps ahead, often exploiting vulnerabilities in popular software programs.
Two of the most popular programs -- Adobe Acrobat Reader and Adobe Flash -- are so common they are used across multiple platforms, by computers running Windows, Linux and Apple systems. So it's not surprising that hackers have worked hard to find ways to exploit vulnerabilities in that software to load malware onto consumers' computers.
"It is becoming more and more common for cybercriminals to exploit vulnerabilities in Adobe's software -- so it would be a very good idea for everyone to update vulnerable computers as soon as possible," said Graham Cluley, a security specialist at Sophos Security, a software company.
Adobe this week acknowledged that some versions of Flash, the plug-in that allows video and other animated graphics to be embedded in Web pages, have problems.
"Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.45.2 and earlier," the company posted in a security alert. "These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system."
Adobe recommends users of Adobe Flash Player 10.0.45.2 and earlier versions update to Adobe Flash Player 10.1.53.64. Adobe said users of Adobe AIR 18.104.22.16830 and earlier versions should update to Adobe AIR 22.214.171.12410.
Interestingly, the Apple iPad does not support Flash, with CEO Steve Jobs taking a critical public posture against the software. Though Jobs did not specifically cite security concerns with Flash, he criticized its stability and complained that it was prone to crashing.
Problems with Acrobat
Meanwhile, there are also problems in Adobe's Acrobat Reader, the software that allows documents to be viewed on any computer. Security experts say two exploits in particular, Pdfka and Pidief, now make up nearly half of all detected malware exploits on the Web. These vulnerabilities most recently threatened computer users in the form of a bogus coupon for Doritos that runs a malware program, infecting the computers that download it.
Making it even more dangerous, most browsers will open an Acrobat, or PDF, file without seeking permission. When the file is opened, the malware program runs in the background, without the computer user being aware of it.
What's the motive behind these attacks? First and foremost it's an attempt by spammers to increase the ranks of so-called "zombie" computers.
The malware allows the hacker to take control of the unsuspecting consumer's computer. They can use it to send out millions of spam messages. You may have gotten a spam email from what appeared to be a legitimate email address, with a real person's name on it. Chances are it came from a zombie computer, with the computer's owner unaware his name was being used to promote a sexual enhancement product.
But there is also a more sinister threat if your computer becomes a zombie. Because the hacker is in control, he or she may monitor your keystrokes and steal user IDs and passwords, cleaning out a bank account or stealing an identity.
To protect yourself, make sure you have the latest updates of Acrobat Reader and Flash. With Reader, the updates don't install automatically. You have to change the settings to make the program automatically install updates.
Security experts also suggest disabling the feature that allows PDF files to open automatically in a browser. Simply open the Acrobat Reader software, select "edit," then "preferences." From the menu, click on "Internet" and unselect the option "display PDF in browser."
Finally, make sure your anti-virus software is up to date. Cybercriminals continue to innovate and it's very hard to stay ahead of them.