Sunday, June 6, 2010

New Adobe Flash, Reader, Acrobat Vulnerability

Adobe announced a new vulnerability in its Adobe Flash and Adobe Reader/Acrobat products. There is no patch available as of this writing. The scope of the exploitation attempts isn't known at this time. The CVE number assigned is CVE-2010-1297.

For now, we will need to rely upon AV for protection. The major AV vendors started releasing definitions over the weekend. For example, Symantec has released definitions (detected as Trojan.Pidief.J) for the known exploits for the Adobe Flash, Reader, and Acrobat vulnerability.

References:
http://www.adobe.com/support/security/advisories/apsa10-01.html
http://www.symantec.com/connect/blogs/0-day-attack-wild-adobe-flash-reader-and-acrobat


email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity

No comments:

Post a Comment