Zero-Day Flash/Acrobat Exploit Seen in the Wild
- Saturday, June 5, 2010, 22:35
- Threat Research
On Friday, Adobe released a security advisory announcing a zero-day exploit found in specific Adobe Flash Player versions. Tagged as critical, the vulnerability (CVE-2010-1297) causes the application to crash. Potentially, the underlying vulnerability could also be used to run arbitrary code such as downloading/dropping malicious files onto an affected system.
Currently, all released 10.0.x and 9.0.x versions of Flash, including the current version (10.0.45.2), are vulnerable. In addition, because the vulnerable component is also used by Adobe’s PDF products, both Acrobat and Reader versions 9.3.2 and earlier that belong to the 9.x family are also affected. The previous 8.x versions of Acrobat and Reader are not affected.
Malicious files exploiting this vulnerability have already been encountered by Trend Micro and are now detected as TROJ_PIDIEF.WX.
No date for a patch has been announced by Adobe. However, Adobe offers two potential workarounds, one for Flash and another for Acrobat/Reader. In the former case, users can download the 10.1 version, which is already available for download, although officially it has not been released for public use and remains at Release Candidate status.
For the latter, users can manually delete the vulnerable component. However, when this is done, all Flash content within .PDF files cannot be opened. Users may see a crash or error message although the exploit will not be triggered.
Trend (continue reading...)
Since the beginning of the year, Adobe and Microsoft have been under a bad light since most of the most recent attacks notably exploited the two companies’ software vulnerabilities. Adobe Reader and Acrobat, in particular, are currently cybercriminals’ favorite targets. When news that Adobe would .