It is best in this case to submit the file in question to <http://www.webimmune.net> for analysis.
In order for us to research a question about a specific virus that cannot be detected by our current engine and dat files, please send us a sample of the suspiciously behaving file in a password-protected ZIP file (password - infected).
If you have a system where you can do a test scan, you may first wish to try our beta DailyDATs to get the latest detection available.
You can find this on our web-site at:
You can find detailed instructions for how to send us a sample at
Please include a description of the symptoms your system is experiencing, and any pertinent information about what AV Products you are using including company, version number (engine/dat numbers for McAfee Products) and results of the scan.
Please use the following links to reach our technical support group for McAfee products.
Single User/Retail Customers:
thanks for your fast answer, Neha!
unfortunately, i don't have a pdf using this new exploit.
i'm asking because my company got infected via a pdf-file in april, containing such an unpatched exploit, mcafee added this to its DATs 2 days later.
doesn't mcafee get all submission from virustotal, too?
anyway, i noticed that the avert reponse regarding submitted files has been improved, thanks
now you'll get an e-mail when the detection is included to production DATs.
1 of 1 people found this helpful
We sent a security advisory out about this today.
Coverage will be provided as Exploit-PDF.ag in the 5834 DAT files, releasing December 16.
An EXTRA.DAT is currently available via the EXTRA.DAT request page at https://www.webimmune.net/extra/getextra.aspx
You can sign up for the security advisories here: http://www.mcafee.com/us/threat_center/securityadvisory/signup.aspx
Glad you like the improvements to the responses
thanks for your answer, already deployed this. it will take weeks untill adobe realeases an update
have a nice day!