New Malware Targets Software Updaters

By Kara Reeder | Mar 26, 2010 | Print this Page
Bach Khoa Internetwork Security (BKIS), a Vietnamese security company, is warning about malicious software that overwrites update functions for other applications.

According to Computerworld, the malware infects Windows computers and disguises itself as an updater for Adobe Systems' products and other software. BKIS's blog shows screen shots of a variant of the malware that masks itself as Adobe Reader version 9 and overwrites the AdobeUpdater.exe. The malware is installed if users open malicious e-mail attachments or visit Web sites that target specific software vulnerabilities.

Rik Ferguson, senior security advisor for Trend Micro, says users who become infected could be worse off even if they remove malware:

They will lose the auto-updating functionality of whatever software is affected even after the malware is cleaned up. That could of course leave them open to exploitation further down the line if critical vulnerabilities don't get patched as a result.