Originally, Adobe aims to make an update for Adobe Reader 9.x and Acrobat 9.x for Windows no later than the week of December 12, 2011, however a security patch for CVE-2011-2462 is still not yet available.
For the past one week, we have received three different md5 version of the APT samples, however they all point to the same known APT attack group.
As it's U3D vulnerability, we found all samples have the U3D-related strings.
MD5 of our CVE-2011-2462 samples:
- If you're our XecMail customer, there is nothing to be worried, such APT emails would be identified.
- If you favor manual inspection, please look for U3D-related patterns.
- Once again, there is always our free XecScan service that you can leverage to scan any suspicious document.
- Lastly, the official patch from Adobe should be available pretty soon.
We have free anti-APT services for the community:
- XecMail Cloud is online APT scanning service for your Gmail account.
- XecScan is online APT scanning service for your local document.