funsec mailing list archives
Re: Adobe 0-day in the wild
From: Axel Pettinger <Axel.Pettinger () t-online de>
Date: Sat, 21 Feb 2009 21:50:58 +0100
nick hatch wrote:
> On Sat, Feb 21, 2009 at 9:06 AM, John LaCour <john () johnlacour com> wrote:
>
>> And there's very little information about how to mitigate the attack without a patch.
>>
>> By disabling Javascript in the Reader, you can prevent the known attacks. The actual vuln isn't in Acrobat javascript - that's just leveraged for heap spraying.
>
> This workaround is utterly unfeasible for some businesses. At $dayjob, we have systems which autogenerate PDF forms, and it turns out they use javascript. I get the impression this is common.
>
> Adding insult to injury, the vendors which support these systems don't support Adobe 9 yet, so we're on 8. Adobe 8 gets its fix to "follow soon after" the March 11th date for Adobe 9.
>
> Our current mitigation strategy is begging our users to be safe. Ugh.

Not sure whether this helps, but Symantec mentions that "Enabling DEP for Adobe Reader will also help prevent this type of attack."

https://forums.symantec.com/t5/blogs/blogarticlepage/blog-id/vulnerabilities_exploits/article-id/188

Regards,
Axel Pettinger

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.