We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Exploit:Win32/Pdfjsc.ALA
Aliases: Exploit.JS.Pdfka.gkz (Kaspersky) generic/Pdfjsc.DZ (Norman) PDF:Exploit.PDF-JS.AEV (BitDefender) JS/Pdfka.GKZ!exploit (Fortinet) JS.Pdfka (Ikarus) Suspicious-PDF.gen (McAfee)
Summary
Windows Defender detects and removes this threat.
Exploit:Win32/Pdfjsc.ALA is a specially created PDF file that exploits a vulnerability in Adobe Acrobat and Adobe Reader.
The vulnerability, discussed in CVE-2010-0188, lets this file download and run other files, which might be other malware.
These versions of Adobe Acrobat and Adobe Reader are vulnerable to this exploit:
- Adobe Acrobat and Adobe Reader version 8 earlier than 8.2.1
- Adobe Acrobat and Adobe Reader version 9 earlier than 9.3.1
The following free Microsoft software detects and removes this threat:
- Microsoft Security Essentials or, for Windows 8, Windows Defender
- Microsoft Safety Scanner
Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.
You can also visit the Microsoft virus and malware community for more help.
Update Adobe products
Make sure you install all available Adobe updates. You can read more about this vulnerability and download software updates from these links:
It's also important to keep your other software up to date:
