New Adobe Vulnerabilities Being Exploited In-The-Wild

Adobe posted a vulnerability report warning that vulnerabilities in Adobe Reader and Acrobat XI (11.0.1) and earlier versions are being exploited in the wild. Adobe is currently investigating this issue.

 

Blog:  New Adobe Vulnerabilities Being Exploited in the Wild

 

 

 

"On February 13, 2013, Adobe released a security advisory for new vulnerabilities, CVE-2013-0640 (BID 57931) and CVE-2013-0641 (BID 57947), in Adobe Reader and Acrobat being exploited in the wild. Adobe is currently working on a fix.                

"Though the attack appears to be limited, we advise customers to exercise caution when opening PDF files from unknown sources. Customers are advised to apply the patch once it becomes available."

 

 

Security Advisory for Adobe Reader and Acrobat

Adobe Acrobat And Reader Un-Specified Remote-Code-Execution Vulnerability

Adobe Acrobat And Reader CVE-2013-0641 Remote-Code-Execution Vulnerability

           

 

 

I.D.S. has been released, so please Run Norton LiveUpdate to make sure you have these installed.  Current I.D.S. are 20130214.001.  Virus Defintions - 02/14/2013, Rev. 005 - have also been released.

 

 

 

Hi Floating_Red   here is a temporary fix for the adobe security problem go to    http://www.howtogeek.com/137949/new-security-hole-found-in-adobe-reader-and-acrobat-here-is-how-to-enable-protection-against-the-exploit/

In a previous blog, Symantec reported on a new Adobe zero-day vulnerability (CVE-2013-0640, CVE-2013-0641) affecting Adobe Reader and Acrobat XI (11.0.1) and earlier versions, that was being actively exploited in the wild. Adobe has yet to release a patch for this zero-day, but in an advisory they have provided a means of mitigation against the attack.

 

Blog: New Adobe P.D.F. Zero-Day Unleashes Trojan.Swaylib

 

 

 

 

Latest I.D.S.: 20130215.001.

 

 

 

Latest I.D.S.: 20130216.001.

 

Latest Virus Definitions: 02/18/2013, Rev. 17.

 

 

*Information Correct at Time of Posting*

 

 

 

 

Latest Virus Definitions: 02/19/2013, Rev. 003.  Please make sure you have this Set installed as soon as possible as there are multiple New Detections Added For This Release.

 

*Information Correct at Time Of Posting*

 

 

 

 

Latest I.D.S.: 20130221.001.

 

Latest V.D.: 02/21/2013, Rev. 033.

 

 

*Information Correct at Time Of Posting*

 

 

 

 

 

The report, APT1: Exposing One of China's Cyber Espionage Units, published by Mandiant earlier this week has drawn worldwide attention by both the security world and the general public. This interest is due to the conclusion the report has drawn regarding the origin of targeted attacks, using advanced persistent threats (A.P.T.), performed by a certain group of attackers dubbed the Comment Crew. You can read Symantec’s response to the report here.

 

Blog: Malicious Mandiant Report in Circulation

 

 

 

 

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.01 and Earlier) for Windows and Macintosh, X (10.1.5 and Earlier) for Windows and Macintosh, 9.5.3 and earlier 9.x Versions for Windows and Macintosh, and Adobe Reader 9.5.3 and Earlier 9.x versions for Linux.  These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

 

Security Updates Available for Adobe Reader And Acrobat (APSB13-07)