Zbot Trojan uses PDF to take full control of computer

Zbot is an information-stealing Trojan that can use any PDF document as its carrier. Once the file is saved on the computer, it is enough for the user to simply open the PDF: the Trojan then starts executing malicious code and can also send information to a remote server. This kind of Trojan appears to send the information to a remote server located in China.

If a PDF carries this Trojan and the user downloads it, the user is prompted to save a file named “Royal_Mail_Delivery_Notice.pdf”. After this file is saved, the original file is also saved, and when the PDF is opened the Trojan starts executing.

The Zbot trojan creates a subdirectory under %SYSTEM32% with the name “lowsec” and drops the “local.ds” and “user.ds” files. It also drops an executable “sdra64.exe” and modifies the registry entry “%SOFTWARE%\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit” to launch itself during system startup. When it runs, it injects malicious code into the Winlogon.exe instance in memory.
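The artifacts listed above can be checked on a live system or on a mounted disk image. The following Python is an added example, not part of the original post: the function names are hypothetical, the Userinit value is supplied by the analyst as a string, and it assumes a clean Userinit value lists only userinit.exe in System32.

```python
import ntpath
import os

# Artifact names taken from the description above.
DROPPED_EXE = "sdra64.exe"
DROP_DIR = "lowsec"
DROP_FILES = ("local.ds", "user.ds")


def find_ci(directory, name):
    """Case-insensitive lookup, so an image mounted on Linux also works."""
    try:
        entries = os.listdir(directory)
    except OSError:
        return None
    for entry in entries:
        if entry.lower() == name.lower():
            return os.path.join(directory, entry)
    return None


def check_files(system32):
    """Return paths of the dropped artifacts found under system32."""
    hits = [find_ci(system32, DROPPED_EXE)]
    lowsec = find_ci(system32, DROP_DIR)
    if lowsec and os.path.isdir(lowsec):
        hits.append(lowsec)
        hits.extend(find_ci(lowsec, name) for name in DROP_FILES)
    return [h for h in hits if h]


def check_userinit(value):
    """Return Userinit entries other than userinit.exe in System32."""
    # Assumption: a clean value lists only userinit.exe, comma-separated.
    extra = []
    for entry in (e.strip().strip('"') for e in value.split(",")):
        folder, name = ntpath.split(entry)
        bad_name = name.lower() != "userinit.exe"
        bad_dir = bool(folder) and not folder.lower().endswith("\\system32")
        if entry and (bad_name or bad_dir):
            extra.append(entry)
    return extra


if __name__ == "__main__":
    # Constructed sample value, not taken from a real infection.
    sample = r"C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,"
    print(check_userinit(sample))
```

Pass the System32 directory of the system or mounted image to check_files, and the current Userinit value to check_userinit; any non-empty result warrants a closer look.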

Zbot thus acts as a back door that gives remote computers full access to your machine, and it also serves as a front gate through which spyware and adware can get onto the machine.

Oracle releases emergency patch for Java

A security hole was recently detected in Java Web Start. Sun did not take the issue very seriously at first and, as a result, was not even prepared to release a patch to fix it. Later, however, the announcement changed and an emergency patch was released. The patch is available with the latest update of the Java software; if your installation is not up to date, a manual update is required to get rid of the security issue.
To install the emergency patch, follow the instructions below:
Start >
Control Panel >
Java >
Update tab, then click the Update Now button.
Uncheck the Yahoo installation box.

However, some unofficial reports say that the patch does not completely eliminate the threat in Google browsers, although this is not the case for Internet Explorer.