CA researchers are warning of a new malware campaign that seeks to trick users into opening malicious PDF files that take advantage of an unpatched PDF vulnerability.

"The malicious messages masquerade as mail from company system administrators and come with the subject heading of 'setting for your mailbox are changed,' said Mary Grace Gabriel, a research engineer in CA Inc.'s security group," writes Computerworld's Gregg Keizer. "A PDF attachment purportedly contains instructions on how to reset e-mail settings. 'SMTP and POP3 servers for ... mailbox are changed. Please carefully read the attached instructions before updating settings,' the message states."

"Users who open the attack PDFs are infected with a variant of a Windows worm known as 'Auraax' or 'Emold,'" Keizer writes.

Click here to read the Computerworld article.