Adobe announced that a so far unpatched vulnerability has been used in recent targeted attacks. Flash Player 10.2.153.1 is vulnerable, as is the Flash Player component used to execute Flash in Adobe Reader / Acrobat. Adobe Reader X is vulnerable but not exploitable.

At this time, according to Adobe, the attack is performed using Flash files embedded in Word documents. Note that Flash may be embedded in other Office document formats like Excel.

Adobe is not planning on an out of band patch at this point, as Adobe Reader X is not exploitable.

[1] http://www.adobe.com/support/security/advisories/apsa11-02.html
Johannes 4476 Posts ISC Handler Apr 11th 2011 |
Apr 11th 2011 1 decade ago |
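For triage of inbound attachments, the delivery method described in the diary (Flash embedded in Word or other Office documents) can be flagged with a byte-level heuristic. The following is an added example, not part of the diary or Adobe's advisory: it looks for the Shockwave Flash ActiveX CLSID and for SWF headers in a legacy OLE file or in each member of an OOXML zip. The function names and the sample inputs are constructed for illustration, and a raw scan can miss streams that are fragmented or compressed inside the container.

```python
import io
import re
import struct
import uuid
import zipfile

# CLSID of the Shockwave Flash ActiveX control, in the mixed-endian byte
# layout used inside OLE/ActiveX storage.
FLASH_CLSID = uuid.UUID("D27CDB6E-AE6D-11CF-96B8-444553540000").bytes_le
# SWF header: "FWS" (raw) or "CWS" (zlib), 1-byte version, 4-byte LE length.
SWF_HEADER = re.compile(rb"[FC]WS[\x01-\x20]")


def scan_blob(data):
    """Return a sorted list of indicator strings found in one byte blob."""
    hits = set()
    if FLASH_CLSID in data:
        hits.add("flash-activex-clsid")
    for m in SWF_HEADER.finditer(data):
        if m.start() + 8 > len(data):
            continue
        (length,) = struct.unpack_from("<I", data, m.start() + 4)
        # Declared length must exceed the 8-byte header and stay plausible.
        if 8 < length <= 50 * 1024 * 1024:
            hits.add("swf-header")
    return sorted(hits)


def scan_document(data):
    """Scan a legacy OLE file as raw bytes, or each member of an OOXML zip."""
    parts = {"<raw>": data}
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            parts = {name: zf.read(name) for name in zf.namelist()}
    scanned = {name: scan_blob(blob) for name, blob in parts.items()}
    return {name: hits for name, hits in scanned.items() if hits}


def constructed_samples():
    """Constructed inputs (not real documents) for a quick self-check."""
    swf = b"CWS\x0a" + struct.pack("<I", 4096) + b"\x78\x9c" + b"\x00" * 16
    ole_like = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 64 + FLASH_CLSID + swf
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr("word/activeX/activeX1.bin", FLASH_CLSID + swf)
    return ole_like, buf.getvalue(), b"text that mentions FWS and CWS only in prose"
```

A hit means the document carries Flash content and deserves closer inspection; it does not by itself indicate that the content is malicious.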
I believe Acrobat Reader X is only not vulnerable if sandbox is enabled. I don't find anything that Reader X is not vulnerable if sandbox mode is not enabled. Do you have a link somewhere that describes this?
|
Anonymous |
Apr 11th 2011 1 decade ago |
A little clarification: According to the advisory, it's only Adobe Reader X for Windows that is not exploitable. Adobe Reader X for Mac is.
|
Anonymous |
Apr 11th 2011 1 decade ago |
Based on APSA11-02 it can be confusing. From what I read I agree Adobe X for Mac OSX is. They state:

"We are in the process of finalizing a schedule for delivering updates for Flash Player 10.2.x and earlier versions for Windows, Macintosh, Linux, Solaris and Android, Adobe Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.2) for Macintosh, and Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011."

If I remember correctly protected mode in MAC OSX is not fully implemented. May be useful but cannot remember off hand. --> http://learn.adobe.com/wiki/display/security/Protected+Mode+FAQ |
drStrangeP0rk 11 Posts |
Apr 11th 2011 1 decade ago |
Hm, kind of deja-vu (Flash embedded into a DOC) looking at the RSA issue which has been claimed to be fixed: http://blogs.rsa.com/rivner/anatomy-of-an-attack/
|
Anonymous |
Apr 12th 2011 1 decade ago |
The problem with Adobe's approach of using the sandbox as a crutch is that not everyone can use Protected Mode since it is still buggy. For example, try embedding a PDF into a Word document while having Reader X installed and Protected Mode enabled.
|
Anonymous |
Apr 12th 2011 1 decade ago |
Is it just me or is their 'about' page no longer working?
http://www.adobe.com/products/flash/about/ |
K-Dee 68 Posts |
Apr 12th 2011 1 decade ago |
http://www.adobe.com/products/flash.html seems to be the new page which I was redirected to. It might be your browser is not taking the redirect due to a plugin (if it is Firefox). If not, no clue. Better check for the Adobe root kit LOL.
|
Al of Your Data Center 80 Posts |
Apr 12th 2011 1 decade ago |
Yeah I am redirected there as well..... but that page doesn't tell me anything about the version of Flash that I am running....
|
K-Dee 68 Posts |
Apr 12th 2011 1 decade ago |
K-Dee, the 'about' page for Flash Player is now:
http://www.adobe.com/software/flash/about/ |
AE1 2 Posts |
Apr 12th 2011 1 decade ago |
Thanks AE1!
|
K-Dee 68 Posts |
Apr 12th 2011 1 decade ago |