Thursday, July 23, 2009

Adobe Vulnerability Targeted in Drive-by Attacks

eWEEK.COM is running a story about a new zero-day vulnerability affecting Adobe's Flash Player software that is being exploited by attackers via drive-by downloads.

Adobe first warned about the vulnerability July 21, then issued an updated advisory the next night. The issue affects current versions of Flash Player on Windows, Mac and Linux platforms.

According to the U.S. Computer Emergency Response Team (US-CERT), an attacker can trigger an overflow by luring a user into opening a malicious Flash (SWF) file that is either hosted or embedded on a Web page or contained in a PDF file. Then the attacker could either trigger a system crash or take full control of a vulnerable system.
“There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows,” according to a post on the Adobe Product Security Incident Response Team blog. “We are in the process of developing a fix for the issue, and expect to provide an update for Flash Player v9 and v10 for Windows, Macintosh, and Linux by July 30, 2009(the date for Flash Player v9 and v10 for Solaris is still pending). We expect to provide an update for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh, and UNIX by July 31, 2009.”
“At the moment there (are) a low number of malicious sites serving the exploit, but we confirmed that the links have been injected in legitimate Websites to create a drive-by attack, as expected,” according to SANS Internet Storm Center.

See full article at eWEEK.COM.