PDF active Gozi Trojan

International. Computer security provider SecureWorks warned that a large amount of spam, using the gmail.com domain, contained pdf attachments that actually exploited a vulnerability in the handling of Uniform Resource Identifiers (URIs) in Adobe Acrobat 8.x. The provider warns that the sent attachment may arrive under different messages and represented with a PDF icon. It downloads an exe file in a first stage from a Russian trading network using an anonymous ftp. The executable installs a variant of the Gozi Trojan virus, which steals data, as described in http://www.secureworks.com/research/threats/gozi/. The latest variant of the virus (Gozi.F) was detected by 26% of the 32 largest vendors of malware defenses. You can download protections from the SecureWorks site and minimize risk by following Adobe's improvement tips, in http://www.adobe.com/support/security/bulletins/apsb07-18.html.