Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: Adobe POC in the Wild - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe POC in the Wild

On June 5th Handler Guy posted a diary about a Security Advisor for Adobe Products.  http://isc.sans.edu/diary.html?date=2010-06-05

We have received notification that a proof of concept (POC) has been found in malware taken from the wild and is currently being exploited. 
For those that are Adobe users please patch before it is too late.

Thanks to our readers who brought this to our attention. 

Update: For more information see US-CERT Technical Cyber Security Alert TA10-159A. http://www.us-cert.gov/cas/techalerts/TA10-159A.html

 Thanks to those of you who have pointed out that I made a mistake in the Diary.  It appears that there is not a patch available rather currently
just mitigation steps.  It looks like the patch will be released for Flash Player soon and for Reader and Acrobat later in the month.

 

Deb Hale Long Lines, LLC

It appears that the Security Update has been released by Adobe. Thanks to Juha-Matti for providing this information.

http://www.adobe.com/support/security/bulletins/apsb10-14.html

Deborah

272 Posts
ISC Handler
For mitigation in Windows, Adobe recommends renaming authplay.dll

But US-CERT recommends renaming 2 files:
authplay.dll
rt3d.dll

??
K-Dee

60 Posts Posts
They just posted a new Flash uninstaller as well....BUT.....the /S switch doesn't work anymore for silent mode....

Also tried /Q, /qn, and /silent....and a few others....but haven't figured it out yet..... ARGH!!
K-Dee

60 Posts Posts
The post from US-CERT mentions that renaming/deleting rt3d.dll is to just to display a user-friendly error message instead of having it crash.
Anonymous

Posts
The new silent switch for the Flash uninstaller is

-uninstall
K-Dee

60 Posts Posts
the unattended/silent switch is now -install
Anonymous

Posts

Sign Up for Free or Log In to start participating in the conversation!