Not what you were looking for? Ask our experts!
Reply
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008
Accepted Solution

Adobe Reader, Acrobat and Adobe Flash Player Vulnerabiliy Being Exploited In-The-Wild

[ Edited ]

On Tuesday, July 21, 2009, symantec became Aware of a Previously Un-Known Vulnerability Affecting Adobe Reader and Acrobat 9.1.2 and Adobe Flash Player 9 and 10. Attackers can Exploit the Issue to Execute Arbitrary Code by enticing a Vulnerable User into visiting a Malicious Web Site or Opening a Malicious File. This Issue is being Exploited In-The-Wild in Limited Attacks.

On July 21, 2009, Adobe acknowledged the Vulnerability in the following Post: http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html.

 

 

Users are Advised to:

 

- Avoid following Web Links that Originate from Un-Known or Un-Trusted Sources.

 

- Avoid Processing Files that Originate from Un-Known or Un-Trusted Sources.

 

- Implement multiple redundant layers of security such as Non-Executable Stack/Heap Configurations and Randomly-Mapped Memory Segments.

 

- Deploy Intrusion Detection to Monitor Network Traffic for Malicious Activity.

 

- Run all Software as a Non-Privileged User with Minimal Access Rights.

 

 

For more information, see the following Vulnerability Alert:

Adobe Acrobat, Reader and Flash Player Un-Specified Vulnerability: http://www.securityfocus.com/bid/35759.

 

Message Edited by Floating_Red on 07-22-2009 08:25 PM
Message Edited by Floating_Red on 07-22-2009 08:26 PM
Message Edited by Floating_Red on 07-22-2009 08:26 PM
Message Edited by Floating_Red on 07-22-2009 08:27 PM
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Adobe Reader, Acrobat and Adobe Flash Player Vulnerabiliy Being Exploited In-The-Wild

Next-Generation Flash Vulnerability: http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability.

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
SendOfJive
Posts: 10,755
Kudos: 4,795
Solutions: 776
Registered: ‎02-07-2009

Re: Adobe Reader, Acrobat and Adobe Flash Player Vulnerabiliy Being Exploited In-The-Wild

There is a very good short summary about this on the SANS Internet Storm Center.  They've even coined a new acronym that pretty much says it all.  So far, no mitigation guidelines other than blocking Flash content with NoScript in Firefox.
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Adobe Reader, Acrobat and Adobe Flash Player Vulnerabiliy Being Exploited In-The-Wild

Updates are Available; please see Web Link for More Details.

 

 

http://www.securityfocus.com/bid/35759/solution.

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Rootkit Eradicator
Posts: 5,357
Registered: ‎05-30-2008

Re: Adobe Reader, Acrobat and Adobe Flash Player Vulnerabiliy Being Exploited In-The-Wild

Patches have now been Released in July/August 2009.  Sorry for the late Update on this Issue.

 

 

Update on Adobe Reader, Acrobat and Flash Player Issue: http://blogs.adobe.com/psirt/2009/07/update_on_adobe_reader_acrobat.html.

 

Security advisory for Adobe Reader, Acrobat and Flash Player:  http://www.adobe.com/support/security/advisories/apsa09-03.html.

 

Security updates available for Adobe Flash Player, Adobe Reader and Acrobat: http://www.adobe.com/support/security/bulletins/apsb09-10.html.

 

 

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]