We have a reminder for you — tomorrow is Update Tuesday — and there are more than Microsoft's update(s) coming.



If you recall, we posted on the 15th of December about an Adobe Reader/Acrobat 0-Day vulnerability. There are limited exploits being used in targeted attacks. We detected that exploit as: Exploit:W32/AdobeReader.UZ.

There have been reports of additional exploits since then. SANS Diary has an excellent write up from the 4th of this month. We detect the referenced exploit as Exploit:JS/Pidief.CKJ.

This is what the PDF decoy looks like:



See Adobe's Security bulletins and advisories for more details, and prepare for testing and deployment.

—————