Now what! PDF files vulnerable to in the wild exploits

From the SANS Newsletter:

 –Unpatched PDF Flaw is Being Actively Exploited
(June 28, 2010)
An unpatched hole in the PDF format is being actively exploited.
Attackers are sending malicious messages that appear to come from
company system administrators and have subject headings regarding
mailbox setting changes.  The messages claim the attachments contain
instructions for updating email settings.  The attachments instead
infect users’ computers with malware known as Auraax or Emold.  The
attack exploits PDF viewers’ “/Launch” functions to infect computers.
http://www.computerworld.com/s/article/9176088/Major_malware_campaign_abuses_unfixed_PDF_flaw?taxonomyId=208

[Editor's Note (Northcutt): Is there an alternative to a .pdf? It was
supposed to be a printable image of what you saw on the screen. At least
that was the idea 15 years ago. It should not need "launch" functions
to do that. Do you remember five or six years ago, you weren't supposed
to send an excel spreadsheet or a word document because they might
contain malware, you were supposed to send a .pdf. Guess that has
changed! If anyone has a suggestion for a replacement for .pdfs that
works on linux, Apple and Microsoft and has almost no features beyond
imaging of the document, please drop me a note (stephen@sans.edu).]
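
A triage check for the "/Launch" abuse described in the newsletter item above, as an added example that is not part of the original post or the SANS newsletter: it looks for /Launch action names in raw PDF bytes, decoding `#xx` name escapes first so a hex-escaped spelling is still caught. The function names, verdict strings and sample bytes are constructed for illustration; tracking /OpenAction, /AA and /ObjStm alongside /Launch is an assumption about what a mail-gateway reviewer would also want reported.

```python
import re

# A PDF name is "/" followed by regular characters; "#xx" hex-escapes any byte,
# so "/L#61unch" and "/Launch" are the same name to a viewer.
NAME = re.compile(rb"/((?:#[0-9A-Fa-f]{2}|[^\x00\t\n\x0c\r ()<>\[\]{}/%#])+)")
HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")

# Launch: the action type named in the newsletter item.
# OpenAction / AA: keys that run an action automatically (assumed of interest).
# ObjStm: compressed object streams, which hide names from a raw byte scan.
WATCHED = (b"Launch", b"OpenAction", b"AA", b"ObjStm")

def decode_name(raw):
    """Resolve #xx escapes in a name token (without the leading slash)."""
    return HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)

def triage_pdf(data):
    """Count watched names in raw PDF bytes and return a coarse verdict."""
    counts = {name.decode(): 0 for name in WATCHED}
    escaped = []  # watched names that were written with #xx escapes
    for match in NAME.finditer(data):
        raw = match.group(1)
        name = decode_name(raw)
        if name in WATCHED:
            counts[name.decode()] += 1
            if raw != name:
                escaped.append(raw.decode("ascii"))
    if counts["Launch"]:
        verdict = "quarantine"
    elif counts["ObjStm"]:
        verdict = "needs-deeper-parse"  # names may sit inside compressed objects
    else:
        verdict = "no-launch-found"
    return {"counts": counts, "escaped": escaped, "verdict": verdict}

# Constructed sample inputs (not taken from any real attachment).
SAMPLE_SUSPECT = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
                  b"2 0 obj\n<< /Type /Action /S /L#61unch >>\nendobj\n")
SAMPLE_CLEAN = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
                b"3 0 obj\n<< /Title (Launch checklist) /Launcher 0 >>\nendobj\n")

if __name__ == "__main__":
    for label, blob in (("suspect", SAMPLE_SUSPECT), ("clean", SAMPLE_CLEAN)):
        print(label, triage_pdf(blob))
```

A raw byte scan like this cannot see objects stored inside compressed streams, which is why the /ObjStm case is reported separately instead of being treated as clean.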

AND, hot on the heels of this:

 –Adobe to Release Reader and Acrobat Security Updates Two Weeks Ahead
   of Schedule
(June 24 & 25, 2010)
Adobe will release security updates for Reader and Acrobat on Tuesday,
June 29, two weeks ahead of the company’s regularly scheduled
quarterly security update.  The updates address a critical
vulnerability in Flash that is being actively exploited.  Adobe
released a fix for the issue in Flash Player on June 10.  Because of
the accelerated patch release, Adobe will not be issuing updates on
July 13, 2010.  The affected software includes Adobe Reader 9.3.2 and
earlier for Windows, Mac and UNIX, and Adobe Acrobat 9.3.2 and earlier
for Windows and Mac.
http://www.h-online.com/security/news/item/Adobe-brings-forward-security-update-for-Reader-1029200.html
http://www.theregister.co.uk/2010/06/25/adobe_pdf_flash_security_update/
http://www.adobe.com/support/security/bulletins/apsb10-15.html

Now, this does not surprise me.  Finally, it looks like Adobe is doing what it should have been doing all along.

And from the world of Google:

 –Updated Chrome Incorporates Latest Version of Flash Player
(June 25 & 27, 2010)
Google has released an update for its Chrome browser to address five
security flaws, three rated critical.  Chrome version 5.0.375.86 also
incorporates the built-in Flash Player.  Flash support was integrated
in Chrome in the beta phase, but Google waited for Flash Player 10.1 to
integrate it in the stable version of Chrome 5.  The updated version of
the browser is available for Mac, Linux and Windows.
http://www.pcworld.com/article/199933/google_chrome_integrates_flash.html?tk=hp_new
http://www.h-online.com/security/news/item/Chrome-update-fixes-vulnerabilities-and-activates-Flash-support-1029314.html
http://googlechromereleases.blogspot.com/2010/06/stable-channel-update_24.html