According to our friends over at Shadowserver, There is a new Acrobat 0-day in the wild. They say you can avoid it by turning off Javascript inside of your Adobe Acrobat products. Please see Shadowserver's write up: here for more information -- Joel Esler http://www.joelesler.net |
Joel 454 Posts Feb 20th 2009 |
Thread locked Subscribe |
Feb 20th 2009 1 decade ago |
Can hardly believe an Adobe patch will be out for this exploit March 11th, that's almost 3 weeks!
Excuse my french - wtf...! |
Brian 3 Posts |
Quote |
Feb 20th 2009 1 decade ago |
Yeah, but then again it's a Java problem, and anything Java=related is notoriously slow
![]() |
Lee 21 Posts |
Quote |
Feb 20th 2009 1 decade ago |
It's not really a JAVA problem.
In this specific case it is, but, as far as i understand, JAVA is not needed to exploit the mentioned issue. So other working exploits will come up, not using JAVA, but getting a lot of users into trouble. |
Manuel 2 Posts |
Quote |
Feb 21st 2009 1 decade ago |
\"Friends\" at ShadowServer???
And you should really disclose relationships before you brag up VRT. |
Ken 40 Posts |
Quote |
Feb 21st 2009 1 decade ago |
Relationships? Like, \"Hey, I work for Sourcefire\"?
|
Joel 454 Posts |
Quote |
Feb 22nd 2009 1 decade ago |
java has nothing to do with this exploit or the mechanics of the exploits floating around. Attackers are using javaSCRIPT to massage the heap to allow for more reliable exploitation. Disabling that removes that capability from their tool chest, and that in turn makes the exploit much much harder to accomplish.
|
AndreL 56 Posts |
Quote |
Feb 23rd 2009 1 decade ago |
I found this nugget of joy on the VRT blog especially disturbing. "Oh, by the way, I forgot to mention. If you happen to open an explorer window, or a browser window, or anything at all that even has the ICON of the pdf file, you're owned." This may be a silly comment but is disabling JS really going to help that much. It will simply ask them if they want to re-enable. They will say yes and be owned anyway.
|
Anonymous |
Quote |
Feb 23rd 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!