funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Adobe 0-day in the wild

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sat, 21 Feb 2009 23:40:52 +0200 (EET)
Is Mac Preview confirmed as affected too, in fact?

Juha-Matti

Paul Ferguson [fergdawgster () gmail com] kirjoitti: 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Feb 20, 2009 at 5:37 AM, Juha-Matti Laurio
<juha-matti.laurio () netti fi> wrote:


In case you are not aware of the Acrobat/Adobe Reader 0-day there is more
information at
http://www.adobe.com/support/security/advisories/apsa09-01.html

"Adobe is planning to release updates to Adobe Reader and Acrobat to
resolve the relevant security issue. Adobe expects to make available an
update for Adobe Reader 9 and Acrobat 9 by March 11th, 2009."

But users of 8.x and older versions have to wait.

There is a backdoot Trojan exploiting the issue in the wild.

Note: All platforms are reportedly affected.



Actually, there are now _several_ exploits for this vulnerability... and
growing in number fast.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFJnvA1q1pz9mNUZTMRAtV7AKCOc1PLI31ggHQ/UIGcKm2WGkSHRwCeNp7t
zFpNuFUv1s+V3KJB0WRTXvE=
=mYY/
-----END PGP SIGNATURE-----


-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: