Microsoft patched the IE6 and IE7 vulnerability on March 30, 2010, in an emergency, or "out-of-band," update.
Although Symantec found evidence of only the early-November attacks, Talbot said he wouldn't be surprised if the criminals fired off another information-stealing campaign between now and next week, when Adobe promised to patch the bug in Reader and Acrobat 9.x on Windows, the versions that have been exploited in the wild.
Talbot declined to specify the geographic location of the Sykipot C&C servers, or speculate on the origin of the Reader exploits.
Adobe will patch the Windows versions of Reader and Acrobat 9.x by the end of next week, and has promised to deliver fixes to Reader and Acrobat 9.x to Mac and Unix users, and to Reader and Acrobat 10.x for all platforms, next month.
Symantec has shipped detection signatures for the rogue PDFs to its customers, said Talbot.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at 
@gkeizer, on Google+ or subscribe to Gregg's RSS feed 
. His e-mail address is gkeizer@computerworld.com.
See more articles by Gregg Keizer.
Read more about Security in Computerworld's Security Topic Center.
Free Insider GuideCopyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
