View Single Post
  #1 (permalink)  
Old September 9, 2010, 12:38 PM
jay51 jay51 is offline
Hall Of Fame
 
Join Date: Apr 2008
Location: Saskatchewan
Posts: 1,122

My System Specs

Default Adobe Reader zero-day attack now with stolen certificate

Today Adobe put out an advisory for a previously unknown zero-day in its PDF Reader/Acrobat software. This vulnerability is actively being exploited in the wild.
Adobe Reader zero-day attack – now with stolen certificate - Securelist
Quote:
Security Advisory for Adobe Reader and Acrobat

Release date: September 8, 2010
Vulnerability identifier: APSA10-02
CVE number: CVE-2010-2883
Platform: All
Summary

A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.
Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.
Affected software versions

Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.
Severity rating

Adobe categorizes this as a critical issue.
Details

A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of public exploit code for this vulnerability.
Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.
Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date
another reason to use foxit reader.
__________________
http://valid.canardpc.com/show_oc.php?id=932179

"Be so good at what you do that you cant be ignored"

Reply With Quote