Texas A&M AgriLife IT Security
Texas A&M AgriLife IT SecurityLatest IT news & tips to keep your computer safe

Vulnerability in Adobe Reader -version 9.3.2 – currently unpatched

by Leave a Comment

http://secunia.com/advisories/40034/

Criticality level        Extremely critical
Impact     System access        
Where     From remote
Solution Status     Unpatched

Description
A vulnerability has been reported in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a vulnerable bundled version of Flash Player (authplay.dll).

For more information:
SA40026

Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in version 9.3.2 and earlier 9.x versions for Windows, Macintosh, and UNIX.

NOTE: The vulnerability is currently being actively exploited.

Update:

Everything I am reading seems to indicate this is actually a vulnerability in the version 10.0.45.2 of Flash and there is a common component that is also included in reader. So, this will probably require patches for both products before it is addressed.

http://www.adobe.com/support/security/advisories/apsa10-01.html
A critical  vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix.

Affected software versions

Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX

Update – June 8
As of now, a patch (for FLASH) is expected from Adobe on June 10. The Acrobat/Reader patch is not expected until June 29.

http://threatpost.com/en_us/blogs/adobe-release-flash-patch-june-10-060810
Adobe said on Monday that it will have a patch available for the newly discovered critical vulnerability in Flash ready by June 10 for most platforms. The patches for Adobe Reader and Acrobat, which also are affected by the flaw, won’t be released until June 29.

Patch for Adobe Reader version 9.3 – update to version 9.3.1

by Leave a Comment

Adobe released a patch for Reader yesterday. I was not able to see that the download site is distributing 9.3.1. But if you do a check for updates after starting reader you should get 9.3.1

As a side note:
http://2mw.mcafee.com/2minutebroadcast.asp
Adobe Rushes Out Patch for Critical Vulnerabilities in Reader, Acrobat

Adobe has released updates for all versions and all operating systems of Acrobat and Reader. The updates are meant to address two vulnerabilities.

The first vulnerability is a Flash vulnerability addressed last week, and is necessary because PDFs can host Flash content. The vulnerability could be exploited to subvert the domain sandbox and make unauthorized cross-domain requests. The second is a critical vulnerability that could cause a crash and potentially allow remote code execution.

Users should update to versions 9.3.1 or 8.2.1.

Coincidentally, a 2009 Global Threat Report from ScanSafe shows that in the 4th quarter of 2009 80% of all web-based exploits were malicious PDFs. It’s not surprising that the PDF number is large, but this number is so large it’s hard to believe, especially in as much as Flash exploits were 18%.

But the underlying issue is spot-on: PDFs and Flash are currently the avenue of choice for malware on the web.

Unpatched vulnerability in Adobe Reader 9.1.2

by Leave a Comment

http://secunia.com/advisories/35949/2/

Critical:     Extremely critical
Impact:     System access
Where:         From remote
Solution Status:     Unpatched
Software: Adobe Acrobat 9.x
 Adobe Reader 9.x

Description:
A vulnerability has been reported in Adobe
Reader and Acrobat, which can be exploited by malicious people to
compromise a user’s system.

The vulnerability is caused due to an error in authplay.dll when
processing SWF content and can be exploited to execute arbitrary code.

Solution:
Do not open untrusted PDF documents. The vendor recommends removing access to the authplay.dll library.

Updates will reportedly be available for Windows and Macintosh versions by July 31.