Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Adobe Patches SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Patches

Rumor has it that there is an Adobe Reader (PDF) zero-day. Google "Group IB zero day", and you'll find all the news outlets quoting each other. We don't have a sample PDF yet. If you have one, please share.  Needless to say that a PDF exploit is serious, and if indeed embedded in the Blacole exploit kit, is even more serious.  Not that the bad guys need PDF though .. it looks to me like 70% of the Internet is anyway still vulnerable to CVE2012-4681 (Java JRE), which has been in Blacole since late August.

Not a rumor: Flash Player has a couple of serious vulnerabilities, and Adobe has the patches: https://www.adobe.com/support/security/bulletins/apsb12-24.html   Not that this is news, really. Adobe browser plugin products NOT having serious vulnerabilities for a change .. now THAT would be news.
 

 

Daniel

375 Posts
ISC Handler
Nov 8th 2012

Sign Up for Free or Log In to start participating in the conversation!