A program or technique that takes advantage of a vulnerability to remotely access or attack a program, computer or server.
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
Exploit:JS/Pdfka.TI is an exploit that can take advantage of two vulnerabilities in a single PDF file in order to download malicious binary files (usually Trojan-Downloader:W32/Bredolab variants) onto the system.
The vulnerabilities exploited are:
Adobe Reader and Acrobat versions 8.1.2 and earlier are affected by the vulnerabilities exploited by this malware.
Once the vulnerabilities are exploited, binary files are downloaded from:
The downloaded files are saved in the Temporary directory using the following filenames:
The files are then executed.