MX Lab is detecting and intercepting an increased distribution of maliciously crafted PDF files. These PDF files contain an exploit that could result in a complete access to the infected computer and affects Windows XP or Windows 2003.
When the PDF document is opened the Windows firewall will be disabled by using Netsh, a command-line scripting utility that allows you to, either locally or remotely, display or modify the network configuration of a computer that is currently running. The code will start downloading a trojan from the internet which may allow the attacker to take control over the infected computer.
