Adobe, Acrobat and Flash Zero-Day Vulnerability

On Monday, December 14, 2009, symantec became aware of a previously Un-Known Vulnerability affecting Adobe Reader and Acrobat 9.2 and Prior Versions. Attackers can Exploit the Issue to Execute Arbitrary Code by enticing a Vulnerable User into visiting a Malicious Web Site or Opening a Malicious File. This issue is being exploited In-The-Wild in Limited Attacks.

 

Users are advised to:

- Avoid following Web Links that originate from Un-Known or Un-Trusted Sources.
- Avoid Processing Files that originate from Un-Known or Un-Trusted Sources.
- Implement multiple redundant layers of security such as Non-Executable Stack/Heap Configurations and Randomly-Mapped Memory Segments.
- Deploy Intrusion Detection to Monitor Network Traffic for Malicious Activity.
- Run all software as a Non-Privileged User with Minimal Access Rights.

 

Fore More Information, please see the following:

 

- New Adobe Reader and Acrobat Vulnerability.

- Adobe Acrobat, Reader and Flash Player Un-Specified Vulnerability.

- Zero-Day Xmas Present.

 

 



 

Message Edited by Floating_Red on 12-15-2009 12:02 PM