Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Adobe Updates today as well. - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Updates today as well.

Adobe also has published updates today for Flash Player, resolving CVE-2013-5331 and CVE-2013-5332.

This is a remote execution vulnerability, by way of a malicious SWF (Flash) content in an MS Word document.

The versions will vary from platform to platform, but if you are running Flash Player you should update soon (today if possible).

Rob VandenBrink

Rob VandenBrink

579 Posts
ISC Handler
Dec 10th 2013
Geez, the endless near monthly security updates for Adobe flash player.

Makes one wonder just how many security vulnerabilities you can possibly program into a browser plugin?

You will notice this is within the shell of MS word... another thread speaks of going after the bad people. This is the reason they will continue to thrive... on the scale of SCAMS according to a family member who works for the FBI in LA... this one brings in small amounts of money. What amazes me is the people that continue to fall for the Nigerian Scam, tens of millions.. yes, tens of millions each year.

Another issue is patch deployment of exploit.. SANS 301... fix was not out yet and I am running Adobe's latest version. DL Qualys.. auto update.. 3 flavors... I deployed through the whole company where WSUS could not hit in remote areas.

As I was typing this.. updated...

63 Posts
Adobe Air is also released. it appears that none of the security sites track this. The new version is
1 Posts

Sign Up for Free or Log In to start participating in the conversation!