New Zero-Day Vulnerabilities
When it comes to malware exploits, Adobe’s Flash and PDF software can’t seem to catch a break recently.
Recently a vulnerability was found in both Mac and Windows versions of Adobe’s Acrobat and Reader products that could allow an attacker to crash the programs and gain control of the system. So far only attacks on Windows machines have been found, but Mac systems could be affected as well.
Now two similar vulnerabilities have been found in Adobe’s Flash Player, which likewise could result in arbitrary code being executed on the system.
Apparently the vulnerability bypasses antiexploitation features in Windows such as DEP and ASLR, and can get around the Internet Explorer sandbox (there is no information on how other browsers handle the issue).
While Intevydis has so far shown the exploit on Windows machines, apparently it works in OS X as well.
So far Adobe has only addressed these exploits for version 9.x of its Reader and Acrobat products for Windows; fixes for the other versions are due in about a month’s time. Adobe has not yet issued a response to the current findings regarding Flash Player.
If one heavily utilizes Adobe Flash Player, it may be wise to find an interim alternative to block unwanted Flash considering this:
Unlike malware that is directly downloaded to a system and scanned, these malware attempts run through the Flash Player or Adobe Reader programs themselves, making it harder for malware scanners to detect them.
So should Adobe be moving faster to address this issue or is the risk overstated?
- Two zero-day vulnerabilities found in Flash Player (infoworld.com)
- Adobe warns of attacks using Reader on Windows | Security – CNET News (fourbluehills.com)
- Adobe Releases Updates for Adobe Reader and Acrobat (netsecurityit.wordpress.com)
Posted on December 13, 2011, in Adobe, Cybersecurity, Hacking, Security, vulnerability and tagged Address space layout randomization, Adobe, Adobe Acrobat, Adobe Flash Player, Adobe Systems, Internet Explorer, Microsoft Windows, Windows. Bookmark the permalink. 1 Comment.