Exploit:Win32/Pdfjsc.VS

One of the most important developments in computer security of 2011 was the discovery of a zero-day vulnerability within Acrobat Reader 9.0, the popular PDF reader by Adobe Systems. Using this vulnerability, which may be detected as Exploit:Win32/Pdfjsc.VS, criminals can force their victim's computer system to download various unsafe files after opening a seemingly innocuous PDF file. Before the advent of Exploit:Win32/Pdfjsc.VS, PDF files were considered fairly safe, and many computer users would not think twice about downloading and opening a PDF file. However, Exploit:Win32/Pdfjsc.VS changed all this. The exact payload of the Exploit:Win32/Pdfjsc.VS vulnerability can change, depending on the exact nature of the malware that was installed using the Exploit:Win32/Pdfjsc.VS exploit, from one case to the other. Because of the existence of the Exploit:Win32/Pdfjsc.VS exploit, ESG security researchers strongly recommend against downloading or opening PDF files of unknown origin, especially those contained as attachments in unsolicited email messages. If you suspect that your computer system may have been exposed to the Exploit:Win32/Pdfjsc.VS exploit (for example, after opening a suspicious PDF file), ESG security researchers strongly advise running a full scan of your hard drive with a reliable anti-malware application as soon as possible.

Avoiding an Exploit:Win32/Pdfjsc.VS Attack

The main way in which Exploit:Win32/Pdfjsc.VS is used to attack computer systems is by attaching malicious PDF files to email messages. These will usually make use of social engineering in order to infect their victims with malware delivered via the Exploit:Win32/Pdfjsc.VS exploit. Social engineering is simply a term that refers to taking advantage of weaknesses in human nature in order to carry out malware attacks. It is often easier for a criminal to lie to their victims instead of having to go to all the trouble of creating a malware infection that can infiltrate a computer system through brute force. For example, a criminal may have a particular malware application designed to take residence on the victim's hard drive and steal credit card numbers. One way of delivering it could consist of creating a virus capable of bringing down the victim's computer's defense and injecting this file into the victim's computer through some kind of vulnerability in the computer's defense. An easier way would be to hide the virus inside an innocuous PDF file and then convince the victim that the PDF contains attractive information so that the victim will download and install it on their own computer.