Adobe Flash and PDF WARNING!

[CCWKen]

Any you thought I was a paranoid over Flash.

Adobe (NSDQ:ADBE) released an advisory Monday for a critical, zero-day vulnerability actively exploited in the wild against Adobe Flash Player, Reader and Acrobat.
Adobe ranked the flaw, which affects Windows, Mac, Solaris, Linux and UNIX platforms, with the highest severity rating of "critical," indicating that it could be subject to remote code execution attacks.

Security researchers report that hackers have already launched "in the wild" attacks on Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris, as well as Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX.

Thus far however, Adobe Flash Player 10.1, which is currently in beta, as well as Adobe Reader and Acrobat 8.x "do not appear to be vulnerable" to an exploit, Adobe said in its advisory.

During an attack, malware, which Symantec (NSDQ:SYMC) researchers have dubbed as Trojan.Pidief, is distributed via an infected PDF file that drops a backdoor onto the victim's computer upon installation of affected Adobe software. Specifically, a malicious SWF file is used in conjunction with an HTML file to download another backdoor Trojan.

In an attack scenario, a hacker could trick a user into opening an infected PDF file, typically through some social engineering scheme delivered via e-mail. Once the infected file was downloaded, malware would be launched designed to crash users' computers or take control of the affected system to steal, alter or delete sensitive data such as financial information, health-care records or intellectual property.

Adobe has yet to release a patch repairing the zero-day flaw. Until then, researchers recommend users deploy a workaround by deleting, renaming, or removing access to the authplay.dll file, which ships with Adobe Reader and Acrobat 9.x. Users will be subject to a non-exploitable crash or error message if they attempt to open a malicious PDF file that contains a Trojan.

Adobe is currently investigating the problem and said that it would update their advisory once a fix schedule is determined. Meanwhile, to mitigate chances of an attack researchers recommend that users keep up-to-date antivirus, download the latest Adobe patches and avoid opening unknown or suspicious emails.

[aboard_epsilon]

adobe acrobat that opens pdfs ..and adobe flash thast plays vids and animations are two different products ..are you saying both are compromised .

all the best.markj

[CCWKen]

Yes, read the article.

There's no fix for Flash at this time. (Other than down loading Beta 10.1) A "half-fast" fix for Reader is to re-name "Authplay.dll" to something else.

Make sure your antivirus software is updated. It MAY catch the trojans.

[aboard_epsilon]

i just disabled it for now ..

in manage add ons, in exporor

if the program is called shockwave flash object ..that is.

btw this website uses it .

all the best.mark

[CCWKen]

I don't have Flash loaded so I usually get a notice bar (like a blocked pop-up) on sites that request Flash. I don't get one here. It could be that one of the ads is calling for Flash. (I don't have ads either.)

[aboard_epsilon]

seems its used by youtube as well

so no youtube for a few days

all the best.markj

[CCWKen]

I just found something else while researching Adobe SWF files.

Flash Player already reaches over 98% of Internet-enabled desktops and more than 800 million handsets and mobile devices.

I wonder if the mobile devices are vulnerable too? None of the articles, so far, have mentioned them. Maybe it's just the PC operating systems.

[oldtiffie]

Its not the first time that Adobe has been found lacking in terms of getting "infected" and of being tardy at both informing users/clients and getting it fixed.

Getting Adobe stuff off your computer can be as bad as getting rid of all traces of Symantec stuff. I got rid of mine when I had two new computers built.

The worst I've seen and had as regards Adobe was Acrobat Reader as my copy (legal) of Machinerys Handbook 27 CD was tied to Acrobat and simply would not work with any other PDF reader or writer. So that legal MHB CD is a complete loss.

[Your Old Dog]

I have always been suspicious of emailed PDF files and never open them if I know they are "forwards". Once you click that open button you have no idea what's going to happen or not happen !

[CCWKen]

What I dislike the most about Flash and the reason I don't load it on my PCs is the embedded standalone script language that can be run without ANY user options or system control. You basically hand-over your PC to website programmers. While this may be okay for some specific sites like You-Got-Tubed, it opens your PC to the advertisers and (other) scum bags. If you've ever browsed the capabilities of the script language, you'll see that a programmer has the capabilities to lock YOU out of your machine and/or direct it to the control of other sites. I don't see how Adobe has gotten away with it for so long.

PDFs are bad enough but I'll pass on any SWF files. I'll wait for HTML5.