Software updates: annoying but necessary

Posted by kent on September 24th, 2009

One week after visitors to the New York Times website encountered ad-based malware, a similar attack befell popular websites such as the Drudge Report and Horoscope.com. The trojans were pdf-based and were delivered via ad networks such as Google's DoubleClick.

The adds would pop up a nearly invisible window in the victim's browser that contained a maliciously encoded pdf document, which included attack code that placed a variant of the Win32/Alureon Trojan horse program on the victim's computer.

The virus only attacked computers using older versions of Adobe's Acrobat Reader. PDF vulnerabilities are fairly widespread, which is why Acrobat seems to need monthly updates. It's easy to ignore these reminders, but keeping your software updated is part of a three-pronged approach to computer security that also includes Internet security software and good common sense.