I just got the following popup:
Is this a legitimate update from Adobe?
The reason I'm concerned:
- The Flashback virus started off as a fake Adobe Flash update.
- The UI on the application does not look like it is using native components. It seems like it's running Java or something similar.
- I didn't run anything to prompt this. It just popped up on its own.
- This is an actual application (it appears in the dock).
- The application has no about menu.
- I do have Adobe Reader installed, but it wasn't running at the time. (In fact, I haven't launched it in a while.)
- There is nothing related to Adobe Reader (or the updater) in my login items (System Prefs > Users > Login Items).
- The process name shows up as Adobe Reader Updater in Activity Monitor.
Detailslink goes to http://www.adobe.com/go/update_details which redirects to http://helpx.adobe.com/acrobat/release-note/release-notes-acrobat-reader.html (However, that doesn't say much. Malware could just as easily link to the official website in order to appear legitimate.)
It seems like it is legitimate for the following reasons: