Potential Increase in Malware Delivered by PDF and Office Attachments
October 23, 2014
The Information Security Office wants to make you aware that a number of vulnerabilities affecting Microsoft Office and Adobe Acrobat were disclosed this week. Furthermore, we have been made aware that savvy criminals are launching phishing campaigns to deliver malware (such as viruses, Trojans, worms, etc.) by sending specially crafted documents (like pdf, PowerPoint) attached to crafted email designed to bait recipients into opening the documents. If the document is opened, there is a potential for the computer to be infected and may begin downloading other malware.
The Office of Information Technology is aware of these vulnerabilities and is in the process of mitigating them by doing the following:
- Updating the malware signatures on the email systems that deliver email to @uta.edu and @mavs.uta.edu addresses to block known attachments that might be infected.
- Updating Microsoft Endpoint Protection (Windows) and McAfee Antivirus (Macintosh) to block known malware that might exploit this vulnerability.
- Updating Microsoft Office and Adobe Acrobat products on computers that have the standard OIT image.
- Patching vulnerable servers under their care that might be vulnerable if malware entered our network.
Additionally, the Information Security Office has implemented blocks on the Intrusion Prevention System for known communication that might exploit these vulnerabilities.
As is the nature with all anti-malware software or network protections, and while anti-malware vendors are constantly adjusting and improving detection capabilities, they are often playing catch-up with the latest techniques used by criminals to evade threat detection technology. As such I encourage you to alert your staff to be vigilant and to follow these general tips to avoid infection:
- Do not open email attachments from unknown or untrusted sources
- Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources, especially email.
- Ensure that computers and servers are protected:
- Keep all operating system, applications and essential software up to date to mitigate potential exploitation by attackers.
- Make sure all AV products are up-to-date with their signatures.
- Ensure that there is a properly configured firewall enabled on the computer or server.
If you are not sure whether your UTA computer is fully protected, please contact the OIT help desk or your Desktop Support Associate.