x404.co.uk :: View topic - Adobe Zero Day under attack

x404.co.uk http://www.x404.co.uk/forum/

Adobe Zero Day under attack http://www.x404.co.uk/forum/viewtopic.php?f=19&t=10565	Page 1 of 1

Author:

big_D [ Tue Sep 14, 2010 8:17 am ]

Post subject:

Adobe Zero Day under attack

ZDNet Clicky

The flaw in Flash Player 10.1.82.76 and earlier and Adobe Acrobat and Reader 9.3.4 (current version) and earlier on Windows (all versions), OS X, Linux. Solaris and Android.


	adobe wrote: This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.

Looking at the problem, it looks like the Reader/Acrobat side of the problem is due to the fact that you can embed a Flash "document" inside a PDF file.

The only systems which don't seem to be affected are Windows Mobile and Apple's iOS - neither of which support Flash.

Author:	big_D [ Tue Sep 14, 2010 12:53 pm ]
Post subject:	Re: Adobe Zero Day under attack
Update: Adobe to release patch for Flash on 27th September. According to CNet, a patch for Adobe Reader and Acrobat should appear on the 4th October, as Adobe move their quarterly patch cycle date forward. Edit: Microsoft release a patch to block the flaw on Windows machines.

Page 1 of 1	All times are UTC
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/