PDF exploit in the wild, drops Trojan on users' systems

Symantec issues warning about an Adobe Acrobat PDF file that exploits a vulnerability to drop a Trojan on a user's system

UPDATE: Ellen Messmer has a full story here.

Symantec issued this warning regarding Adobe Acrobat PDF files:

Symantec Security Response recently came into possession of an Adobe Acrobat PDF file that is exploiting a vulnerability and, when opening, drops and executes a malicious binary onto a user’s system. The malicious PDF files are detected as Trojan.Pidief.G and the dropped files as Trojan Horse.

This vulnerability is not one we have seen in the wild before and affects Adobe Flash. The authors have taken a bug and turned it into an exploit. Once the unsuspecting user visits the website or opens the PDF, this exploit will allow further malware to be dropped on the victim’s machine and possibly open a back door.

Flash exists in all popular browsers and is also available in PDF documents. The large user base of Flash presents attackers with a built-in targeted audience.

Symantec researchers are working closely with Adobe in relation to this issue.

We urge consumers to ensure their antivirus definitions are up to date. It is likely that we will see attacks that will attempt to exploit this vulnerability. Once the patch is available from Adobe, they can update their systems with the patch and ensure their Adobe products are up to date. As an extra safety measure, Vista users can employ the UAC (User Account Control) feature as this will help mitigate a successful compromise.

You can find more details here.