For the geekier among us wanting or needing to know more about the Adobe vulnerability that Randy and I both blogged on yesterday, here are a few resources:
- More from Shadowserver at http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090221
New malcode using this loophole is still appearing, though as far as I know the current exploits are still largely targeted rather than random. However, given the fact that more information is becoming public about the exact nature of the problem, it’s likely that we’ll see it used by other malware that may be more widely spammed. In other words, it will start to affect Joe Sixpack, not just specially targeted organizations.
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence