WARNING: Adobe Acrobat, Flash and Reader Zero Day Vulnerability

happygeek 0 Tallied Votes 351 Views Share

Adobe has issued a security advisory following the discovery of what it describes as a "critical vulnerability" which exists within the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) across all platforms, Windows, Macintosh and Linux operating systems, The same vulnerability can be found within the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems and has the potential to cause a crash which could then allow an attacker to take control of the system. Well, I say potential, but Adobe admits that there are "reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows".

Adobe goes on to confirm that it is "developing a fix" which it expects to be available by way of software upgrade by the 30th of July for Flash Player v9 and v10 for Windows, Macintosh, and Linux at least. Users of Flash Player v9 and v10 for Solaris will need to wait a while longer it would seem, and a confirmed date for the security update is still pending. Adobe Reader and Acrobat v9.1.2 updates for Windows and Macintosh users should be available on 31st July, although once more the date for Adobe Reader for UNIX users is pending.

In order to mitigate the threat in the meantime, Adobe recommends deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat v9.x although this will mean that users will "experience a non-exploitable crash or error message when opening a PDF that contains SWF content" which is nice. Vista users are being told to enable the User Access Control and exercise caution when browsing untrusted websites. Disabling JavaScript will not, I am led to believe, protect against the exploit on this occasion.

Depending on the product, the authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll or C:\Program Files\Adobe\Acrobat 9.0]\Acrobat\authplay.dll.

The fact that the exploit is already being exploited both in the form of suspect PDF docs and drive-by download websites is truly worrying, as is the cross platform nature of the vulnerability which is just as likely to impact Firefox users as it is those with Internet Explorer.

My advice? Stop using Acrobat, Flash Player and Reader until Adobe gets its security act together once and for all. Advice that I have been giving to anyone who will listen for a few months now.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.