Severity: MediumSummary:
This vulnerability affects: Adobe Flash Player version 9 and 10, running on Windows, Mac, and Linux computers. How an attacker exploits it: By enticing your users into viewing a malicious PDF document (or viewing malicious Flash content). Impact: An attacker can potentially gain complete control of your computer. What to do: Adobe plans to patch on July 30 and 31.
This vulnerability affects: Adobe Flash Player version 9 and 10, running on Windows, Mac, and Linux computers. How an attacker exploits it: By enticing your users into viewing a malicious PDF document (or viewing malicious Flash content). Impact: An attacker can potentially gain complete control of your computer. What to do: Adobe plans to patch on July 30 and 31.
Exposure:
Adobe Flash Player is a multimedia player that plugs into your web browser and allows you to view Flash content. While Flash isn't always installed by default, most users install it in order to view certain dynamic web pages.
Adobe Flash Player is a multimedia player that plugs into your web browser and allows you to view Flash content. While Flash isn't always installed by default, most users install it in order to view certain dynamic web pages.
In a security advisory released today, Adobe describes a critical vulnerability that affects Adobe Flash Player version 9 and 10, running on Windows, Macintosh, and Linux computers.
Adobe released this advisory in response to zero day exploit code researchers recently discovered attackers exploiting in the wild. The exploit currently circulating arrives as a malicious PDF file. However, the vulnerability actually resides in specially crafted Flash content embedded into that PDF file.
While exploits seen in the wild currently only arrive as malicious PDF files, we assume attackers could also exploit this Flash vulnerability by hosting malicious Flash content.
Adobe's advisory doesn't describe the flaw in much technical detail. If an attacker can lure one of your users into downloading and viewing a malicious PDF file, or into viewing specially crafted Flash content, he could exploit this unspecified vulnerability to potentially execute code on your user's computer, with that user's privileges.
As usual, if your users have local administrator or root privileges, this sort of attack gives the attacker full control of your users' computers.
Since researchers first discovered this vulnerability from attackers exploiting it in the wild, it poses a serious risk to Adobe Flash and Reader users. Some reports even suggest that attackers have hijacked legitimate web sites, and booby-trapped them with this zero day exploit.
Cybercriminals have been e-mailing PDF files with corrupted Flash video clips and hacking into websites to implant them since early July. When activated, these clips enable attackers to quickly install malicious programs on the user's computer.
Criminals typically take control of PCs, turning them into obedient "bots." They can use bot networks to steal data, siphon cash from online financial accounts, spread spam and trigger promotions to sell fake anti-virus programs.
Adobe is scrambling to develop an emergency patch by Friday. The company recently began issuing security patches once a quarter, with the next update scheduled on Sept. 8.
But even that might not solve the problem. Adobe alerts computer users every seven days about software updates that can include security patches, but users often defer installing such updates. Some 43% of the 1,500 cyberattacks identified by security firm F-Secure in the first six months of 2009 were directed at Acrobat Reader, up from nearly 29% last year.
That puts Acrobat Reader ahead of Microsoft Word, targeted in 40% of this year's attacks.
This post contains excerpts from the USAToday article, Hackers may slip through hole found in Adobe, by Byron Acohido, July 27th, 2009, and the Watchguard LiveSecurity article, Malicious PDF Documents Trigger Zero Day Adobe Flash Flaw, by Corey Nachreiner, CISSP, July 23rd, 2009.
No comments:
Post a Comment