 |  |  |  |  |  |  |  |
WARNING: Adobe Acrobat, Flash and Reader Zero Day Vulnerability
Adobe has issued a security advisory following the discovery of what it describes as a "critical vulnerability" which exists within the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) across all platforms, Windows, Macintosh and Linux operating systems, The same vulnerability can be found within the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems and has the potential to cause a crash which could then allow an attacker to take control of the system. Well, I say potential, but Adobe admits that there are "reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows".
Adobe goes on to confirm that it is "developing a fix" which it expects to be available by way of software upgrade by the 30th of July for Flash Player v9 and v10 for Windows, Macintosh, and Linux at least. Users of Flash Player v9 and v10 for Solaris will need to wait a while longer it would seem, and a confirmed date for the security update is still pending. Adobe Reader and Acrobat v9.1.2 updates for Windows and Macintosh users should be available on 31st July, although once more the date for Adobe Reader for UNIX users is pending.
In order to mitigate the threat in the meantime, Adobe recommends deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x although this will mean that users will "experience a non-exploitable crash or error message when opening a PDF that contains SWF content" which is nice. Vista users are being told to enable the User Access Control and exercise caution when browsing untrusted websites. Disabling JavaScript will not, I am led to believe, protect against the exploit on this occasion.
Depending on the product, the authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0]\Acrobat\authplay.dll.
The fact that the exploit is already being exploited both in the form of suspect PDF docs and drive-by download websites is truly worrying, as is the cross platform nature of the vulnerability which is just as likely to impact Firefox users as it is those with Internet Explorer.
My advice? Stop using Acrobat, Flash Player and Reader until Adobe gets its security act together once and for all. Advice that I have been giving to anyone who will listen for a few months now.
Adobe goes on to confirm that it is "developing a fix" which it expects to be available by way of software upgrade by the 30th of July for Flash Player v9 and v10 for Windows, Macintosh, and Linux at least. Users of Flash Player v9 and v10 for Solaris will need to wait a while longer it would seem, and a confirmed date for the security update is still pending. Adobe Reader and Acrobat v9.1.2 updates for Windows and Macintosh users should be available on 31st July, although once more the date for Adobe Reader for UNIX users is pending.
In order to mitigate the threat in the meantime, Adobe recommends deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x although this will mean that users will "experience a non-exploitable crash or error message when opening a PDF that contains SWF content" which is nice. Vista users are being told to enable the User Access Control and exercise caution when browsing untrusted websites. Disabling JavaScript will not, I am led to believe, protect against the exploit on this occasion.
Depending on the product, the authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0]\Acrobat\authplay.dll.
The fact that the exploit is already being exploited both in the form of suspect PDF docs and drive-by download websites is truly worrying, as is the cross platform nature of the vulnerability which is just as likely to impact Firefox users as it is those with Internet Explorer.
My advice? Stop using Acrobat, Flash Player and Reader until Adobe gets its security act together once and for all. Advice that I have been giving to anyone who will listen for a few months now.
Similar Threads
- Adobe Flash "Vulnerability" = My computer DEAD! HELP! (Viruses, Spyware and other Nasties)
- Adobe Acrobat 6.0 - not opening (Windows NT / 2000 / XP)
- Acrobat Reader 8 Install Problems (Windows Vista and Windows 7)
- Adobe Acrobat and Acrobat Reader (Windows Software)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
adobe advertising age amd apple avatar bluegene botnet browser business cellphone china chips copyright crime data database development dos downloads economy email encryption energy enterprise facebook firefox flash free games gaming google government hacker hacking hardware ibm ibm.news intel intelibm internet iphone ipod itunes law legal linux mac malware marketing medicine memory microsoft mobile mozilla music news office openoffice opensource os pc pdf piracy porn privacy ps3 recession redhat report research russia search security sex socialnetworking software sony spam sun supercomputer supercomputing survey technology trends trojan twitter ubuntu uk video virus vista web windows windows7 working worm x86 xbox youtube
