Adobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory

Published: 2010-09-08
Last Updated: 2010-09-08 18:03:06 UTC
by John Bambenek (Version: 1)
18 comment(s)

We just received word that there is a report of a 0-day exploit for Adobe Acrobat/Reader being exploited in the wild. Secunia has a brief write up and here is the link to the original advisory.  The exploit was discovered in a phishing attempt with the subject of "David Leadbetter's One Point Lesson".  Adobe has issued an advisory and references CVE-2010-2883 (which just shows as reserved at this point with no details).  It does effect the latest version of Acrobat/Reader and Adobe is investigation a patch. More to come on that.

The exploit in the wild I'm aware of causes a crash in Acrobat/Reader and then tries to open a decoy file.  So the good news is that, as of right now, it's a "loud exploit".  Early VirusTotal scans also had partial coverage under various forms of "Suspicious PDF" categories.  At this point, standard precautions apply (don't open PDFs from strangers) and this can probably only really be used in a phishing style scenario.  Will update this dairy as needed with developments.

John Bambenek
bambenek at gmail /dot/ com

18 comment(s)

Mozilla Thunderbird updated to version 3.1.3 also, more here:

Published: 2010-09-08
Last Updated: 2010-09-08 17:46:28 UTC
by John Bambenek (Version: 1)
0 comment(s)

-- John Bambenek bambenek at gmail /dot/ com

0 comment(s)
Patches issued for multiple vulnerabilities in Cisco Wireless LAN Contoller product family, more here:
Mozilla's SeaMonkey version 2.0.7 released for Security Updates:
Firefox Releases Version 3.6.9 and 3.5.12 to fix Security Vulnerabilities: 3.6.9 is and 3.5.12 is


eweew<a href="">mashood</a>
dwqqqwqwq mashood
[ |]
What's this all about ..?
password reveal .

Diary Archives