The Most Active and Friendliest
Affiliate Marketing Community Online!

“Adavice”/  “1Win

Adobe security vulnerabilities

D

djbaxter

Guest
Adobe Reader 9 and Acrobat 9 zero day exploited in the wild
by Dancho Danchev, ZDNet
February 20th, 2009

Yesterday, Adobe confirmed the existence of a critical vulnerability affecting Adobe Reader and Acrobat versions 9.0 and earlier, originally detected by the Shadowserver Foundation last week.

The onging targeted attacks have since been confirmed by both, Symantec and McAfee urging users to disable JavaScript in Adobe Reader and Acrobat until Adobe issues a patch on the 11th of March in the following way - Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript.

...more
 
Adobe Releases Patch for Vulnerabilities in Flash Player

Adobe Releases Patch for Vulnerabilities in Flash Player
MxLogic Threat Blog
February 25, 2009

Today, Adobe has released a patch to address several vulnerabilities within the Flash player (versions 10.0.12.36 and earlier) whereby a specially crafted SWF file could result in a buffer overflow that could allow an attacker to execute arbitrary code on the unpatched system. These patches are to fix an input validation issue that could result in a denial of service, mitigate a couple of clickjacking issues, and a potential privilege escalation issue.
 
Adobe swings and misses as PDF abuse worsens
by Ryan Naraine
February 25th, 2009

After more than two weeks (months?) of inexplicable silence on mitigations for a known code execution vulnerability in its Reader and Acrobat product lines, Adobe has finally posted public information on the problem but the company’s response falls well short of providing definitive mitigation guidance for end users.

Adobe’s response simply confirms what we already know and reiterates that turning off JavaScript will NOT eliminate the risk entirely. However, the company does not offer any definitive suggestions or workarounds, instead pointing to a list of anti-malware vendors blocking known attacks.

...more
 
banners
Back