Watch Out For PDF Malware

F-Secure, the Finnish security firm, has detected malware being distributed by a .pdf file attached to spam e-mails.   Marked “Your Credit Report,” “Your Credit File,” “Personal Financial Statement” or “Balance Report,” the mails contain no body, simply an attachment marked “report.pdf.” If downloaded, it exploits a vulnerability in both Acrobat Reader and Internet Explorer 7 to download further malware from a Malaysian server, which F-Secure says makes the infected computer part of a botnet.   “We’re worried about this case,” said Chief Research Officer Mikko Hypponen in a statement, “as PDF attachments are typically not filtered at e-mail gateways. Executable files are now stripped almost everywhere, but PDF is stripped almost nowhere. Also, a security update for Acrobat Reader was just made available a few days ago, so there are tons of users who haven’t had a chance to update yet.”