Topic: Adobe exploits-in-the-wild...
« Reply #15 on: August 04, 2010, 05:06:08 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 7980



FYI...

Adobe Reader 0-day, again...
- http://www.theregister.co.uk/2010/08/04/critical_adobe_reader_vuln/
4 August 2010 - "... yet another vulnerability in Adobe Reader that allows hackers to execute malicious code on computers by tricking their users into opening booby-trapped files... Brad Arkin, senior director of product security and privacy at Adobe, said members of the company's security team attended Miller's talk and have since confirmed his claims that the vulnerability can lead to remote code execution. The team is in the process of developing a patch and deciding whether to distribute it during Adobe's next scheduled update release or as an “out-of-band” fix that would come out in the next few weeks..."
- http://blogs.adobe.com/adobereader/

- http://secunia.com/advisories/40766/
Last update: 2010-08-06
Criticality level: Highly critical
Impact:   System access
Where: From remote
Solution Status: Unpatched...
... Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in Adobe Reader versions 8.2.3 and 9.3.3 and Adobe Acrobat version 9.3.3. Other versions may also be affected...

- http://www.adobe.com/support/security/bulletins/apsb10-17.html
August 5, 2010 - "Adobe is planning to release updates for Adobe Reader 9.3.3 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.3 for Windows and Macintosh, and Adobe Reader 8.2.3 and Acrobat 8.2.3 for Windows and Macintosh to resolve critical security issues, including CVE-2010-2862... Adobe expects to make these updates available during the week of August 16, 2010... Note that these updates represent an out-of-band release. Adobe is currently scheduled to release the next quarterly security update for Adobe Reader and Acrobat on October 12, 2010..."
- http://blogs.adobe.com/psirt/2010/08/pre-notification-out-of-band-security-updates-for-adobe-reader-and-acrobat.html
___

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2862
Last revised: 08/21/2010

Adobe Reader v9.3.4 released
- http://boards.cexx.org/index.php?topic=17585.msg81286#msg81286

« Last Edit: August 23, 2010, 07:08:44 by AplusWebMaster »

This machine has no brain.
....... Use your own.
Browser check for updates here.
.
« Reply #16 on: September 08, 2010, 07:57:54 »
AplusWebMaster

FYI...

- http://www.adobe.com/support/security/advisories/apsa10-02.html
September 13, 2010 - "... A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild..."
- http://isc.sans.edu/diary.html?storyid=9523
Last Updated: 2010-09-08 18:03:06 UTC
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2883
Last revised: 09/10/2010 - "... exploited in the wild in September 2010..."
CVSS v2 Base Score: 9.3

Adobe Reader/Acrobat vuln... unpatched
- http://secunia.com/advisories/41340/
Release Date: 2010-09-08
Criticality level: Extremely critical
Impact:   System access
Where: From remote
Solution Status: Unpatched ...
...vulnerability is confirmed in versions 8.2.4 and 9.3.4. Other versions may also be affected.
NOTE: The vulnerability is currently being actively exploited.
Solution: Do not open untrusted files.
Provided and/or discovered by: Reported as a 0-day....

- http://www.virustotal.com/file-scan/report.html?id=d55aa45223606db795d29ab9e341c1c703e5a2e26bd98402779f52b6c2e9da2b-1283972909
File name: Golf Clinic.pdf
Submission date: 2010-09-08 19:08:29 (UTC)
Result: 11/43 (25.6%)

(Better)...
- http://www.virustotal.com/file-scan/report.html?id=d55aa45223606db795d29ab9e341c1c703e5a2e26bd98402779f52b6c2e9da2b-1284031469
File name: Golf Clinic.pdf
Submission date: 2010-09-09 11:24:29 (UTC)
Result: 21/43 (48.8%)

« Last Edit: September 14, 2010, 02:06:54 by AplusWebMaster »

« Reply #17 on: September 14, 2010, 02:08:20 »
AplusWebMaster

FYI...

0-day Flash vuln "exploit in the wild"...
- http://www.adobe.com/support/security/advisories/apsa10-03.html
September 13, 2010 - "... A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Android operating systems. This vulnerability also affects Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884*) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.
We are in the process of finalizing a fix for the issue and expect to provide an update for Adobe Flash Player for Windows, Macintosh, Linux, Solaris, and Android operating systems during the week of September 27, 2010.
We expect to provide updates for Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 for Windows and Macintosh during the week of October 4, 2010..."
- http://isc.sans.edu/diary.html?storyid=9544
Last Updated: 2010-09-14 00:40:35 UTC

* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2884
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2884
Last revised: 09/18/2010 - "... as exploited in the wild in September 2010..."
CVSS v2 Base Score: 9.3 (HIGH)

- http://secunia.com/advisories/41434/
Release Date: 2010-09-14
Criticality level: Extremely critical
Impact:   System access
Where: From remote
Solution Status: Unpatched ...

- http://securitytracker.com/alerts/2010/Sep/1024432.html
Sep 14 2010

« Last Edit: September 19, 2010, 17:45:05 by AplusWebMaster »

« Reply #18 on: September 19, 2010, 04:45:05 »
AplusWebMaster

FYI...

Adobe Reader/Acrobat v9.4 update released
- http://boards.cexx.org/index.php?topic=17585.msg81469#msg81469
October 5, 2010
___

Flash Player v10.1.85.3 released
- http://boards.cexx.org/index.php?topic=17585.msg81427#msg81427
Sep. 20, 2010
___

Flash update 2010.09.20 ...
- http://www.adobe.com/support/security/advisories/apsa10-03.html
Last updated: September 17, 2010 - "... We now expect to provide an update for Adobe Flash Player for Windows, Macintosh, Linux, Solaris, and Android operating systems on Monday September 20, 2010. A fix is now available for Google Chrome users. Chrome users can update to Chrome 6.0.472.62. To verify your current Chrome version number and update if necessary, follow the instructions here: http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html (September 17, 2010). We expect to provide updates for Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 for Windows and Macintosh during the week of October 4, 2010..."
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2884
Last revised: 09/18/2010 - "... as exploited in the wild in September 2010..."
CVSS v2 Base Score: 9.3 (HIGH)
- http://xforce.iss.net/xforce/xfdb/61771
September 18, 2010 - High Risk

** http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95414
"...You can tell if updates are available if the wrench icon on the browser toolbar has a little orange dot: update notification. To apply the update, just close and restart the browser..."

- http://blogs.adobe.com/psirt/2010/09/schedule-update-to-security-advisory-for-adobe-flash-player-apsa-10-03.html

« Last Edit: October 05, 2010, 16:40:19 by AplusWebMaster »

« Reply #19 on: October 22, 2010, 06:01:43 »
AplusWebMaster

FYI...

Shockwave v11.5.9.615 released
- http://boards.cexx.org/index.php?topic=17585.msg81580#msg81580
___

Shockwave Player vuln - unpatched
- http://secunia.com/advisories/41932/
Release Date: 2010-10-22
Criticality level: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched ...
The vulnerability is confirmed in version 11.5.8.612...
Solution: Do not visit untrusted websites*...
Original Advisory: Adobe:
http://www.adobe.com/support/security/advisories/apsa10-04.html
Last updated: October 27, 2010 - "... As of October 27, Adobe is aware of reports of this vulnerability being exploited in the wild... We are in the process of finalizing a fix for the issue and expect to provide an update for Shockwave Player on October 28, 2010..."
http://blogs.adobe.com/psirt/2010/10/security-advisory-for-adobe-shockwave-player-apsa10-04.html
"... vulnerability (CVE-2010-3653) could cause a crash and potentially allow an attacker to take control of the affected system..."
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3653
Last revised: 10/27/2010
CVSS v2 Base Score: 9.3 (HIGH)

* -and/or- UNINSTALL Shockwave Player. You can live without it.

« Last Edit: October 28, 2010, 11:25:47 by AplusWebMaster »

« Reply #20 on: October 28, 2010, 08:56:27 »
AplusWebMaster

FYI...

Adobe Flash... 0-day... unpatched
* http://www.adobe.com/support/security/advisories/apsa10-05.html
Release date: October 28, 2010
CVE number: CVE-2010-3654
"A critical vulnerability exists in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX operating systems, and Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems. This vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Adobe Flash Player. We are in the process of finalizing a fix for the issue and expect to provide an update for Flash Player 10.x for Windows, Macintosh, Linux, and Android by November 9, 2010. We expect to make available an update for Adobe Reader and Acrobat 9.4 and earlier 9.x versions during the week of November 15, 2010..."

- http://secunia.com/advisories/41917/
Last Update: 2010-10-29
Criticality level: Extremely critical
NOTE: The vulnerability is currently being actively exploited...
... Adobe plans to release a fixed version on November 9, 2010.
... Reported as a 0-day.
Original Advisory: Adobe APSA10-05*

Adobe Reader/Acrobat ...
- http://secunia.com/advisories/42030/
...Adobe plans to release a fixed version on November 15, 2010.
Original Advisory: Adobe APSA10-05*

Chrome ...
- http://secunia.com/advisories/42031/

- http://www.theregister.co.uk/2010/10/28/adobe_reader_critical_vuln/
28 October 2010
- http://www.virustotal.com/file-scan/report.html?id=c4722bf958337e79fd53e8cbc289b58fdcce922ef025302cbca7679a5eae772a-1288229160
File name: nsunday.exe
Submission date: 2010-10-28
Result: 15/42 (35.7%)
There is a more up-to-date report (27/43) for this file...
- http://www.virustotal.com/file-scan/report.html?id=c4722bf958337e79fd53e8cbc289b58fdcce922ef025302cbca7679a5eae772a-1288324712
File name: 9F0CEFE847174185030A1F027B3813EC
Submission date: 2010-10-29
Result: 27/43 (62.8%)
___

- http://isc.sans.edu/diary.html?storyid=9835
Last Updated: 2010-10-28 21:51:01 UTC - "... mitigation measures recommended by adobe:
Adobe Reader and Acrobat 9.x - Windows
Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains Flash (SWF) content.
The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.
Adobe Reader 9.x - Macintosh
1) Go to the Applications->Adobe Reader 9 folder.
2) Right Click on Adobe Reader.
3) Select Show Package Contents.
4) Go to the Contents->Frameworks folder.
5) Delete or move the AuthPlayLib.bundle file.
Acrobat Pro 9.x - Macintosh
1) Go to the Applications->Adobe Acrobat 9 Pro folder.
2) Right Click on Adobe Acrobat Pro.
3) Select Show Package Contents.
4) Go to the Contents->Frameworks folder.
5) Delete or move the AuthPlayLib.bundle file.
Adobe Reader 9.x - UNIX
1) Go to installation location of Reader (typically a folder named Adobe).
2) Within it browse to Reader9/Reader/intellinux/lib/ (for Linux) or Reader9/Reader/intelsolaris/lib/ (for Solaris).
3) Remove the library named "libauthplay.so.0.0.0."
More information at
- http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html ..."
___

- http://www.kb.cert.org/vuls/id/298081
2010-10-28 - "... consider the following workarounds: Disable Flash..."

ThreatCon... Elevated.
- http://www.symantec.com/security_response/threatconlearn.jsp
Oct. 29, 2010 - "... Adobe Flash Player, Adobe Reader, and Acrobat... vulnerability... being actively exploited in the wild..."

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3654
Last revised: 10/29/2010

« Last Edit: October 29, 2010, 11:33:04 by AplusWebMaster » Logged
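
A way to audit whether the authplay mitigation quoted in the reply above has been applied. This is an added example, not part of the original post or Adobe's advisory; the function names, the status labels and the demo directory tree are assumptions made for illustration.

```python
import os
import tempfile
from pathlib import Path

# Library names from the mitigation text quoted above (compared case-insensitively).
AUTHPLAY_NAMES = {"authplay.dll", "authplaylib.bundle", "libauthplay.so.0.0.0"}


def find_authplay(root):
    """Return every authplay library (file or bundle directory) found under root."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            if name.lower() in AUTHPLAY_NAMES:
                hits.append(Path(dirpath) / name)
        # A Mac .bundle is a directory: report it once and do not descend into it.
        dirnames[:] = [d for d in dirnames if d.lower() not in AUTHPLAY_NAMES]
    return sorted(hits)


def is_accessible(path):
    """True if the account running this script can still open the library.

    Run the audit as the user who opens PDFs, otherwise an ACL-based
    mitigation ("removing access") may be misjudged.
    """
    if path.is_dir():
        return os.access(path, os.R_OK | os.X_OK)
    try:
        with open(path, "rb") as fh:
            fh.read(1)
        return True
    except OSError:
        return False


def audit(roots):
    """Map each install root to (status, exposed_paths).

    NOT_INSTALLED: the root does not exist.
    MITIGATED:     library deleted, renamed, or no longer accessible.
    EXPOSED:       library present under its original name and readable.
    """
    report = {}
    for root in roots:
        root = Path(root)
        if not root.is_dir():
            report[str(root)] = ("NOT_INSTALLED", [])
            continue
        exposed = [str(p) for p in find_authplay(root) if is_accessible(p)]
        report[str(root)] = ("EXPOSED", exposed) if exposed else ("MITIGATED", [])
    return report


def build_demo_tree(base):
    """Constructed sample: one unmitigated install, one with the library renamed,
    and one root that does not exist."""
    exposed = Path(base) / "Reader 9.0" / "Reader"
    renamed = Path(base) / "Acrobat 9.0" / "Acrobat"
    exposed.mkdir(parents=True)
    renamed.mkdir(parents=True)
    (exposed / "authplay.dll").write_bytes(b"constructed placeholder")
    (renamed / "authplay.dll.disabled").write_bytes(b"constructed placeholder")
    return [exposed.parent, renamed.parent, Path(base) / "Reader9"]


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for root, (status, paths) in audit(build_demo_tree(tmp)).items():
            print(f"{status:13} {root} {paths}")
```

On a real host, pass the install locations named in the quoted text as `roots` instead of the demo tree.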

« Reply #21 on: November 02, 2010, 18:13:07 »
AplusWebMaster

FYI...

Flash v10.1.102.64 released
- http://boards.cexx.org/index.php?topic=17585.msg81602#msg81602
Critical
___

- http://isc.sans.edu/diary.html?storyid=9892
Last Updated: 2010-11-04 22:27:50 UTC - "... current 'State of Adobe'...
Product          - Latest Version
PDF Reader       - v9.4.0       - vulnerable: http://secunia.com/advisories/42095/
Flash Player     - 10.1.102.64
Shockwave Player - 11.5.9.615   - vulnerable: http://secunia.com/advisories/42112/
Acrobat          - 9.4.0        - vulnerable: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3654
Air              - 2.5 ..."
- http://isc.sans.edu/tag.html?tag=adobe
___

Flash update now expected 11.4.2010...
- http://www.adobe.com/support/security/advisories/apsa10-05.html
Last updated: November 2, 2010 - "... We are in the process of finalizing a fix for the issue and expect to provide an update for Flash Player 10.x for Windows, Macintosh, Linux and Solaris by November 4, 2010. We expect to make available an update for Flash Player 10.x for Android by November 9, 2010..."
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3654
Last revised: 11/01/2010
CVSS v2 Base Score: 9.3 (HIGH)

« Last Edit: November 05, 2010, 05:39:18 by AplusWebMaster »

« Reply #22 on: November 08, 2010, 04:37:02 »
AplusWebMaster

FYI...

More Adobe vulns ...

Adobe Reader vuln
- http://secunia.com/advisories/42095/
Last Update: 2010-11-17
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 9.4.1.

Adobe Shockwave Player vuln - unpatched
- http://secunia.com/advisories/42112/
Last Update: 2010-11-16
Criticality level: Moderately critical
Impact: System access
Where: From remote
Solution Status: Unpatched ...
... The vulnerability is confirmed in version 11.5.9.615. Other versions may also be affected.
Solution: Do not open the "Shockwave Settings" window when viewing Shockwave content...
- http://www.securitytracker.com/id?1024682
Nov 4 2010
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4092
Last revised: 11/11/2010
CVSS v2 Base Score: 9.3 (HIGH)

* -and/or- UNINSTALL Shockwave Player. You can live without it.

« Last Edit: November 27, 2010, 06:56:44 by AplusWebMaster »

« Reply #23 on: November 10, 2010, 13:38:39 »
AplusWebMaster

Adobe Reader/Acrobat v9.4.1 released
- http://boards.cexx.org/index.php?topic=17585.msg81662#msg81662
___
Adobe PDF Reader status:
- http://www.adobe.com/support/security/bulletins/apsb10-28.html
November 12, 2010 - "... updates for Adobe Reader 9.4... and Adobe Acrobat 9.4... Adobe expects to make updates for Windows and Macintosh available on Tuesday, November 16, 2010. An update for UNIX is expected to be available on Monday, November 30, 2010..."
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3654
Original release date: 10/29/2010 - Last revised: 11/11/2010
CVSS v2 Base Score: 9.3 (HIGH) "... as exploited in the wild in October 2010..."
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4091
Original release date: 11/07/2010 - Last revised: 11/11/2010
CVSS v2 Base Score: 9.3 (HIGH)
- http://secunia.com/advisories/42030/
Release Date: 2010-10-28
- http://secunia.com/advisories/42095/
Last Update: 2010-11-08

- http://contagiodump.blogspot.com/2010/11/cve-2010-3654.html
November 10, 2010

Alternative:
- http://boards.cexx.org/index.php?topic=17453.msg81710#msg81710
FoxIt Reader v4.3.0.1110

« Last Edit: December 08, 2010, 07:47:24 by AplusWebMaster »

« Reply #24 on: March 14, 2011, 13:34:18 »
AplusWebMaster

FYI...

Flash 0-day targeted attacks...
- http://isc.sans.edu/diary.html?storyid=10549
Last Updated: 2011-03-14 20:09:26 UTC - "Adobe posted a security advisory*... These attacks seem to be particularly sneaky – the Flash exploit is embedded in an Excel file which is also used to setup memory so the exploit has a higher chance of succeeding. We will keep an eye on this and if the 0-day starts being used in the wild..."
___

- http://blog.trendmicro.com/excel-file-containing-adobe-zero-day-exploit-found/
Mar. 16, 2011
___

* http://www.adobe.com/support/security/advisories/apsa11-01.html
March 14, 2011 - "Summary: A critical vulnerability exists in Adobe Flash Player  10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.13 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment... We are in the process of finalizing a fix for the issue and expect to make available an update for Flash Player 10.x and earlier versions for Windows, Macintosh, Linux, Solaris and Android, and an update for Adobe Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.1) for Macintosh, and Adobe Reader 9.4.2 and earlier 9.x versions during the week of March 21, 2011..."

- http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html
March 14, 2011 - "... The current attack leverages a malicious Flash (.swf) file inside a Microsoft Excel (.xls) file. The .xls file is used to set up machine memory to take advantage of a crash triggered by the corrupted .swf file. The final step of the attack is to install persistent malware on the victim’s machine..."

- http://secunia.com/advisories/43751/
Release Date: 2011-03-15
Criticality level: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Adobe Flash Player 10.x
... The vulnerability is reportedly being actively exploited.
Solution: Adobe plans to release a fixed version during the week of March 21, 2011...

- http://secunia.com/advisories/43772
___

- http://www.us-cert.gov/current/#adobe_releases_security_advisory_for6
March 15, 2011

- http://www.kb.cert.org/vuls/id/192052
Last Updated: 2011-03-15

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0609
Last revised: 03/15/2011
CVSS v2 Base Score: 9.3 (HIGH)

- http://www.securitytracker.com/id/1025210
Mar 15 2011
- http://www.securitytracker.com/id/1025211
Mar 15 2011
___

- http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2
11 Mar 2011

« Last Edit: March 18, 2011, 04:27:26 by AplusWebMaster »

« Reply #25 on: March 21, 2011, 07:01:50 »
AplusWebMaster

FYI...

Flash/Reader/Acrobat critical updates released
- http://boards.cexx.org/index.php?topic=17585.msg82141#msg82141
March 21, 2011
___

Flash 10.2 update - for Androids only...
- http://blogs.adobe.com/flashplayer/2011/03/flash-player-10-2-now-available-for-mobile-devices.html
March 18, 2011 - "... To see if your device is certified for Flash Player 10.2, visit:
- http://www.adobe.com/flashplatform/certified_devices/
___

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0609
Last revised: 03/15/2011
CVSS v2 Base Score: 9.3 (HIGH)
___

- http://www.adobe.com/support/security/bulletins/apsb11-02.html
Last updated: March 18, 2011 - "... Adobe recommends users of Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.2.152.26..."

- http://www.adobe.com/support/security/advisories/apsa11-01.html
Last updated: March 18, 2011 - "... A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier... We are in the process of finalizing a fix for the issue and expect to make available an update for Flash Player 10.x and earlier versions for Windows, Macintosh, Linux, Solaris, and an update for Adobe Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.1) for Macintosh, and Adobe Reader 9.4.2 and earlier 9.x versions during the week of March 21, 2011..."

« Last Edit: March 21, 2011, 18:03:24 by AplusWebMaster »

« Reply #26 on: March 23, 2011, 04:28:03 »
AplusWebMaster

FYI...

PDF file loaded w/malware used in attack on Spotify...
- http://boards.cexx.org/index.php?topic=17533.msg82152#msg82152
"... Blackhole Exploit Kit... One of the vulnerabilities the exploit kit uses is a vulnerability in Adobe Reader/Acrobat. The kit uses a heavily obfuscated PDF file..."
* http://www.virustotal.com/file-scan/report.html?id=a41b05120be3018082eff5d75811b166d1cf9dccb7c2ea3da3d42fd090c97acf-1301413767
File name: L9FPB1.pdf
Submission date: 2011-03-29 15:49:27 (UTC)
Result: 12/43 (27.9%)
___

Flash exploits in-the-wild - SPAM attachments...
- http://www.f-secure.com/weblog/archives/00002127.html
March 23, 2011 - "Attackers have been taking advantage of the situation in Japan to trick their targets into opening malicious files. These cases have used infected Excel attachments with Flash exploits... Another sample we've seen (md5:20ee090487ce1a670c192f9ac18c9d18) is an Excel file containing an embedded Flash object that exploits a known vulnerability (CVE-2011-0609). When the XLS file is opened, it shows an empty Excel spreadsheet and starts exploit code via a Flash object. The Flash object starts by doing a heap-spray... the Flash object constructs and loads a second Flash object in runtime... This second Flash object is the main exploit in this malware and it exploits CVE-2011-0609 to execute the shellcode in the heap... As an aside: the main exploit appears to have been delivered in this fashion in an attempt to evade detection. As it is loaded in memory, no physical file is available for scanning by an antivirus engine. Embedding the Flash object that loads the main exploit in an Excel file may be an attempt to further disguise the attack... users should update their Flash player as Adobe has already released a patch for this particular vulnerability. For more information, please see their security advisory*..."
(Screenshots available at the URL above.)
* http://boards.cexx.org/index.php?topic=17585.msg82141#msg82141
Flash Player v10.2.153.1 released

- http://www.f-secure.com/weblog/archives/00002127.html
March 23, 2011

- http://sunbeltblog.blogspot.com/2011/03/tips-for-avoiding-endless-japan.html

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0609
Last revised: 03/31/2011
CVSS v2 Base Score: 9.3 (HIGH)
"... as exploited in the wild in March 2011..."

« Last Edit: April 02, 2011, 03:38:18 by AplusWebMaster »

« Reply #27 on: April 11, 2011, 13:40:06 »
AplusWebMaster

FYI...

Flash 0-day exploit in-the-wild ...
- http://krebsonsecurity.com/2011/04/new-adobe-flash-zero-day-being-exploited/
April 11, 2011 3:32 pm - "Attackers are exploiting a previously unknown security flaw in Adobe’s ubiquitous Flash Player software to launch targeted attacks, according to several reliable sources... the attacks exploit a vulnerability in fully-patched versions of Flash, and are being leveraged in targeted spear-phishing campaigns launched against select organizations and individuals that work with or for the U.S. government. Sources say the attacks so far have embedded the Flash exploit inside of Microsoft Word files made to look like important government documents... A scan of one tainted file used in this attack that was submitted to Virustotal.com* indicates that just one out of 42 anti-virus products used to scan malware at the service detected this thing as malicious..."
* http://www.virustotal.com/file-scan/report.html?id=1e677420d7a8160c92b2f44f1ef5eea1cf9b0b1a25353db7d3142b268893507f-1302359653
File name: Disentangling Industrial Policy and Competition Policy.doc
Submission date: 2011-04-09 14:34:13 (UTC)
Result: 1/42 (2.4%)
There is a more up-to-date report...
- http://www.virustotal.com/file-scan/report.html?id=1e677420d7a8160c92b2f44f1ef5eea1cf9b0b1a25353db7d3142b268893507f-1304526431
File name: Disentangling Industrial Policy and Competition Policy.doc
Submission date: 2011-05-04 16:27:11 (UTC)
Result: 29/41 (70.7%)

Screenshot of malicious e-mail:
- http://regmedia.co.uk/2011/04/12/malicous_email.jpg
___

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
- http://www.adobe.com/support/security/advisories/apsa11-02.html
April 11, 2011
CVE number: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0611
A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems. This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system... We are in the process of finalizing a schedule for delivering updates...
Affected software versions:
• Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
• Adobe Flash Player 10.2.154.25 and earlier for Chrome users
• Adobe Flash Player 10.2.156.12 and earlier for Android
• The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems
NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by this issue...

- http://secunia.com/advisories/44119/
Release Date: 2011-04-12
Criticality level: Extremely critical
Impact:   System access
Where: From remote
Solution Status: Unpatched
... The vulnerability is currently being actively exploited via Office Word documents (.doc) containing malicious Flash content...
Original Advisory: Adobe:
http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html

- http://secunia.com/advisories/44149/
Release Date: 2011-04-12
Criticality level: Highly critical
Impact:   System access
Where: From remote
Solution Status: Unpatched
... The vulnerability is caused due to a vulnerable bundled version of Flash Player (authplay.dll)...

- http://www.securitytracker.com/id/1025324
Apr 12 2011
- http://www.securitytracker.com/id/1025325
Apr 12 2011

« Last Edit: May 07, 2011, 03:26:48 by AplusWebMaster » Logged
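
Replies #24, #26 and #27 above describe Flash (.swf) content embedded in Excel (.xls) and Word (.doc) attachments. The following is an added example, not part of the original posts or of any vendor's tooling: a static check that looks for SWF headers inside a document's raw bytes. The function names, the version bound and the sample container are assumptions constructed for illustration.

```python
import struct
import zlib

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # header of legacy .xls/.doc containers
MAX_VERSION = 50  # assumption: generous upper bound on the SWF version byte


def _plausible(data, off):
    """Validate the 8-byte SWF header at off; return a hit dict or None."""
    if off + 8 > len(data):
        return None
    kind = data[off:off + 3].decode("ascii")
    version = data[off + 3]
    (length,) = struct.unpack_from("<I", data, off + 4)
    if not 1 <= version <= MAX_VERSION or length <= 8:
        return None
    if kind == "FWS":
        # Uncompressed SWF: the declared length must fit inside the container.
        if length > len(data) - off:
            return None
    else:
        # CWS (SWF 6 and later): the bytes after the header must start a
        # valid zlib stream; decode a bounded prefix to confirm.
        if version < 6:
            return None
        try:
            out = zlib.decompressobj().decompress(data[off + 8:off + 520], 64)
        except zlib.error:
            return None
        if not out:
            return None
    return {"offset": off, "kind": kind, "version": version,
            "declared_length": length}


def find_embedded_swf(data):
    """Return every plausible SWF header found in data, ordered by offset."""
    hits = []
    for magic in (b"FWS", b"CWS"):
        off = data.find(magic)
        while off != -1:
            hit = _plausible(data, off)
            if hit:
                hits.append(hit)
            off = data.find(magic, off + 1)
    return sorted(hits, key=lambda h: h["offset"])


def build_sample():
    """Constructed, harmless sample: an OLE-style container holding a minimal
    empty SWF in both encodings, plus two decoys that must be rejected."""
    body = b"\x00" + b"\x00\x18" + b"\x01\x00" + b"\x00\x00"  # RECT, 24 fps, 1 frame, End
    total = 8 + len(body)
    fws = b"FWS" + bytes([10]) + struct.pack("<I", total) + body
    cws = b"CWS" + bytes([10]) + struct.pack("<I", total) + zlib.compress(body)
    decoy_cws = b"CWS" + bytes([10]) + struct.pack("<I", 4096) + b"not a zlib stream"
    return (OLE_MAGIC + b"\x00" * 504 + fws + b"\x00" * 100
            + b"Quarterly FWS report text" + cws + decoy_cws)


if __name__ == "__main__":
    sample = build_sample()
    print("OLE container:", sample.startswith(OLE_MAGIC))
    for hit in find_embedded_swf(sample):
        print(hit)
```

As the F-Secure write-up quoted in reply #26 notes, the main exploit object was built in memory at run time, so a scan like this sees only the outer Flash object stored in the file.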

« Reply #28 on: April 14, 2011, 01:46:38 »
AplusWebMaster

FYI...

Adobe Reader/Acrobat security updates
- http://boards.cexx.org/index.php?topic=17585.msg82244#msg82244
April 21, 2011
___

Flash Player v10.2.159.1 released
- http://boards.cexx.org/index.php?topic=17585.msg82223#msg82223
___

Flash, Reader, Acrobat critical updates scheduled...
- http://www.adobe.com/support/security/advisories/apsa11-02.html
April 13, 2011 - "... We... expect to make available an update for Flash... on Friday, April 15, 2011. We expect to make available an update for Adobe Acrobat... and Adobe Reader... no later than the week of April 25, 2011..."

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0611
Last revised: 04/13/2011
CVSS v2 Base Score: 9.3 (HIGH)
"... as exploited in the wild in April 2011..."

« Last Edit: April 21, 2011, 11:33:51 by AplusWebMaster »

« Reply #29 on: April 20, 2011, 02:42:25 »
AplusWebMaster

FYI...

Drive-by Flash cache attacks...
- http://www.theregister.co.uk/2011/04/19/amnesty_drive_by_cache/
19 April 2011 - "Miscreants have deployed a subtle variant of the well established drive-by-download attack tactics against the website of human rights organisation Amnesty International. In traditional drive-by-download attacks malicious code is planted on websites. This code redirects surfers to an exploit site, which relies on browser vulnerabilities or other exploits to download and execute malware onto visiting PCs. The attack on the Amnesty website, detected by security firm Armorize*, relied on a different sequence of events. In this case, malicious scripts are used to locate the malware which is already sitting in the browser's cache directory, before executing it. This so-called drive-by cache approach make attacks harder to detect because no attempt is made to download a file and write it to disk, a suspicious maneuver many security software packages are liable to detect. By bypassing this step dodgy sorts are more likely to slip their wares past security software undetected. The Amnesty International attack ultimately relied on an Adobe Flash zero-day exploit, patched by Adobe** late last week..."
* http://blog.armorize.com/2011/04/newest-adobe-flash-0-day-used-in-new.html

- http://www.virustotal.com/file-scan/report.html?id=2e498420acf149a2ea785bd798061d1e14b1b069e9abd83889da7e2f8d15c227-1303129354
File name: display[1].swf
Submission date: 2011-04-18 12:22:34 (UTC)
Result: 1/40 (2.5%)

** Flash Player v10.2.159.1 released
- http://boards.cexx.org/index.php?topic=17585.msg82223#msg82223

« Last Edit: April 20, 2011, 16:37:57 by AplusWebMaster »