Acrobat, Adobe Reader & Flash updated for critical security fixes
Filed under: Software, Security
In response to two critical vulnerabilities in Acrobat and Adobe Reader 9.3, yesterday Adobe released the 9.3.1 update for both applications; users of the older 8.x versions can update to 8.2.1 to resolve the security issues. One of the two vulnerabilities addressed would allow a malicious PDF to make unauthorized cross-domain requests; the other could crash the PDF application and possibly allow an attacker to gain access to other parts of the system.
The first flaw is related to a Flash Player issue that was revealed last week; if you have not updated Flash to the latest version (10.0.45.2 as of this moment, see your version & current versions here) & you aren't blocking Flash, you should go get the latest build right away. Although you can configure auto-update notifications in Flash Player, it's not clear if Mac OS X clients are consistently getting these reminders to update.
Even though Mac users are far less likely to be targeted by malware than our Windows-using friends and family, vigilance is still critical. Security analysis firm ScanSafe reported that it saw the percentage of exploits delivered via PDF files rise from 56% at the beginning of 2009 all the way up to 80% in the 4th quarter, so keeping those Adobe apps current -- or, better yet, using Apple's Preview app as the default PDF reader on Mac OS X -- is only prudent.
Acrobat, Adobe Reader & Flash updated for critical security fixes originally appeared on The Unofficial Apple Weblog (TUAW) on Wed, 17 Feb 2010 12:30:00 EST. Please see our terms for use of feeds.
Acrobat, Adobe Reader & Flash updated for critical security fixes originally appeared on The Unofficial Apple Weblog (TUAW) on Wed, 17 Feb 2010 12:30:00 EST. Please see our terms for use of feeds.
Read | Permalink | Email this | Comments
Mac OS X ::
tuaw
Povezani zapisi:
09-09-2010 10:43
Adobe has issued a new security advisory concerning Adobe Acrobat, its line of PDF software. All current versions of Reader and Acrobat are known to be vulnerable, across all supported platforms–Windows and Mac for Acrobat, and Windows, Mac, and Unix for Reader. According to the advisory, an attacker could use the vulnerability to “to take control of the affected system”, meaning random code could be executed on user systems.
Trend Micro has already found malicious files that exploit this vulnerability. These are detected as TROJ_PIDIEF.WM. In turn, this file drops a downloader (TROJ_DLOADR.WM) which leads to another downloader, TROJ_CHIFRAX.BU. More PIDIEF variants that exploit this vulnerability are sure to be spotted in the next few days.
The URLs where TROJ_CHIFRAX.BU is located and downloads malware from are currently unavailable. Curiously, even if the website was registered on the .US top-level domain, WHOIS records indicate the registrant is in Hong Kong. In addition, the servers that actually host the site are located in Germany and the United States. This indicates that some effort was placed into hiding the actual persons responsible for this attack.
In addition, the dropped malicious file is signed, much like the earlier Stuxnet malware. This time, the certificate of a legitimate American credit union was used:
Adobe has not stated when security updates will be made available, saying only that they are “evaluating the schedule” for a potential fix. They have advised their users to keep their anti-virus software updated to protect themselves until a fix is made available.
This is the second major zero-day vulnerability that Adobe has had to deal with in 2010. The first one, which affected both Acrobat and Flash, was discussed in the Malware Blog in the post Zero-Day Flash/Acrobat Exploit Seen in the Wild. The timeline of that particular incident–where a flaw revealed early in the month was fixed by the end of the month–suggests a fix will come in the next few weeks.
Trend Micro protects users from this attack via its Trend Micro Smart Protection NetworkTM that detects the malicious files currently exploiting this vulnerability, as well as blocking the URLs related to this threat.
Post from: TrendLabs | Malware Blog - by Trend Micro
New Zero-Day Adobe Acrobat Vulnerability Exploited
trendmicro
09-09-2010 10:00
k3vin mitnick has discovered a vulnerability in www.flashpageflip.com, which could be exploited by malicious people to conduct XSS attacks.
XSSed
09-08-2010 23:49
Osnovna svrha firewall-a je da kontroliše internet veze, podjednako dolazne i odlazne.Prilikom instaliranja Eset smart security-a njegov firewall biva po difoltu instaliran u automatic modu.Šta to znači? Znači da će on sam odlučivati prema svojim definicijama da li da dozvoli konekciju ili ne.Svakom programu koji se ne smatra pretnjom biće automatski dozvoljena konekcija.U interaktiv modu svaku vezu mora korisnik da dozvoli, bilo da je to windozin update ili neki program.ESS 4 ima genijalan fir...
ES::Zastita
09-08-2010 21:53
[quote][url=/p2689084]mocnisima[/url]: Nema potrebe za drugim programom pored Eseta.Ovo je osnovna namena firewall-a.[/quote]
Detaljno lupi uputstvo ako mislis/znas da moze jer vidis da je covek napisao da ne zna kako to da uradi u Esetu.
Npr ovo bi bilo od velike pomoci: http://tiny.cc/y329e
Ja sam okacio program koji ce mu na najednostavniji nacin zavrsiti posao (desni klik na proces koji zeli i onemoguci koriscenje interneta).
ES::Zastita
