Adobe

Adobe Reader, Acrobat and Flash Player Zero Day Vulnerability

24 Lug/09

adobeAdobe has issued a security advisory that describes a critical vulnerability in the current versions of Adobe Reader, Acrobat and Flash Player. The vulnerability “could cause a crash and potentially allow an attacker to take control of the affected system”. Adobe’s Flash Player seems to be affected completely while the file authplay.dll is the reason for the vulnerability affecting Adobe Reader and Acrobat as well. Adobe mentioned that the vulnerability is already exploited in the wild via targeted attacks against users running a Windows operating system and Adobe Reader 9.

Apple Mac and Unix systems are affected by the vulnerability as well but the exploit that is currently in the wild is only affecting Windows. Adobe suggests to enable UAC in Windows Vista (and Windows 7). Windows XP users should consider moving or deleting authplay.dll to protect their computer system from the threat against Adobe Reader and Acrobat “but users will experience a non-exploitable crash or error message when opening a PDF that contains SWF content”.

An alternative would be to uninstall Adobe Reader or Acrobat and install one of the available third party pdf readers like Foxit Reader or Sumatra.

Adobe does not offer any advise on the Flash Player vulnerability. The only viable option seems to be to disable or even uninstall Flash and wait for the patch which is expected to be released on July 30 and July 31.

Tags: , , , , , ,

Related posts

Continua a leggere – Original Link: Adobe Reader, Acrobat and Flash Player Zero Day Vulnerability

Technorati Tags: , , , , , , , , ,

Leggi Anche

Condividi
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie

Commenti

I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.

Autore

    Spina Rosario
    Inserito da

Archivio

Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter
    Email:

    Nome:

    Auto Shop Italia
    Web Burning Blog
    Info Privacy

Meta