Next week's patches will see a busy time for IT departments as Adobe, Microsoft and Mozilla update vulnerabilities

News by Dan Raywood

Upcoming patches from Adobe have been welcomed as PDF exploits become more prevalent.

Upcoming patches from Adobe have been welcomed as PDF exploits become more prevalent.


Andrew Clarke, senior vice president international at Lumension, claimed that updates next week from Adobe to address current Reader issues across multiple versions will have an impact on IT.


He claimed that with a range of patches offered from Adobe, Microsoft and Mozilla, IT departments will have plenty to keep them busy as installation will be required for all the updates.


Clarke said: “Since the beginning of the year, we've been worrying about Adobe vulnerabilities. It's important to remember that historically, files like Adobe PDF files, Word, Excel or PowerPoint files have been ideal vehicles for targeted attacks because these attachments are socially acceptable and expected attachments within corporate email.


“The use of a file like a PDF as a vehicle for the delivery of malware gives the hacker an added advantage. Earlier this month, we found at least half a dozen Chinese websites that were hosting malicious PDF files using the most current vulnerability. After Tuesday, they'll simply do a better job of hiding their malware.”


Clarke claimed that although the upcoming patch from Microsoft for PowerPoint was ‘relieving', he said that compromised applications have now become a delivery mechanism for additional downloaded and executed malware such as keyloggers and rootkits.


“The most effective risk mitigation therefore, continues to be application control to prevent a compromised application from downloading and running any unauthorised software (including malware) on a user's PC,” said Clarke.



Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews