Troj/PDFJs-GE

Category: Viruses and Spyware Protection available since:12 Mar 2010 10:09:02 (GMT)
Type: Trojan Last Updated:12 Mar 2010 10:09:02 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/PDFJs-GE is a variant in the PDFJs family.

PDFJs Trojans exploit JavaScript parsing flaws in Adobe's popular Adobe Reader software. This variant targets computers with unpatched versions of Adobe Reader.

The malicious JavaScript resides within the annotation section of the PDF. A description of this technique can be seen in the SophosLabs blog article "Yuletide PDF gymnastics".
A temporary mitigation technique that can defend against this and similar attacks is to disable JavaScript within Adobe Reader.

Troj/PDFJs-GE has been used to distribute Sinowal (detected as Mal/Sinowa-A) and other malware.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy