Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Adobe Patches - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Patches

Rumor has it that there is an Adobe Reader (PDF) zero-day. Google "Group IB zero day", and you'll find all the news outlets quoting each other. We don't have a sample PDF yet. If you have one, please share.  Needless to say that a PDF exploit is serious, and if indeed embedded in the Blacole exploit kit, is even more serious.  Not that the bad guys need PDF though .. it looks to me like 70% of the Internet is anyway still vulnerable to CVE2012-4681 (Java JRE), which has been in Blacole since late August.

Not a rumor: Flash Player has a couple of serious vulnerabilities, and Adobe has the patches: https://www.adobe.com/support/security/bulletins/apsb12-24.html   Not that this is news, really. Adobe browser plugin products NOT having serious vulnerabilities for a change .. now THAT would be news.
 

 

Daniel

367 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!