Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Adobe Patch is out SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Patch is out

It looks like today will be patch day for a lot of folks.  It appears that  Adobe has released the patch for the Thanks to all of our readers that Abobe Bulletins that Handler Mark posted yesterday and Handler Bojan posted on July 23rd.

isc.sans.org/diary.html

isc.sans.org/diary.html

The patches can be downloaded from Adobe's update site.

Thanks to all of our reader's that have notified us of the availability of the patch.

Deb Hale Long Lines, LLC

Deborah

278 Posts
ISC Handler
The Adobe patches fix the problem in each product. But wouldn't the defense in depth changes in Internet Explorer in KB972260 block the exploits? My googling is failing to find where somebody has actually tested this and published their findings.
Andrew

41 Posts
There are two separate issues here.

First is the Microsoft ATL issue. Not sure if the defense in depth in KB972260 blocks attacks or not. The ATL issue affects Shockwave and Flash. My personal opinion is that you fix everything - belt and suspenders is best! Maybe someone finds a workaround for 972260, but if you have Flash and Shockwave patched then you're at least fine on those two. Note that, according to Adobe, Reader and Acrobat were unaffected by ATL.

Second issue is the Authplay.dll vulnerability, which is a zero-day that's been known for almost two weeks. This is present in both Flash and Adobe Reader/Acrobat and is, AFAIK, independent of the ATL issue.

Releases: Shockwave was updated on Tuesday (addressing ATL), Flash was updated (addressing both ATL and Authplay) on Thursday, and Reader/Acrobat were updated today (addressing Authplay).

Short answer? GET PATCHING!
Anonymous
One more note - if you have Firefox deployed en masse, according to https://wiki.mozilla.org/Releases/Firefox_3.5.2 it appears that 3.5.2 will be a chemspill release due sometime on Monday!
Anonymous

Sign Up for Free or Log In to start participating in the conversation!