Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Adobe/Acrobat 0-day in the wild? - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe/Acrobat 0-day in the wild?

According to our friends over at Shadowserver, There is a new Acrobat 0-day in the wild.  They say you can avoid it by turning off Javascript inside of your Adobe Acrobat products. 

Please see Shadowserver's write up: here for more information

-- Joel Esler http://www.joelesler.net

Joel

454 Posts
ISC Handler
Can hardly believe an Adobe patch will be out for this exploit March 11th, that's almost 3 weeks!

Excuse my french - wtf...!
Brian

3 Posts
Yeah, but then again it's a Java problem, and anything Java=related is notoriously slow ;-)
Lee

21 Posts
It's not really a JAVA problem.
In this specific case it is, but, as far as i understand, JAVA is not needed to exploit the mentioned issue.
So other working exploits will come up, not using JAVA, but getting a lot of users into trouble.
Manuel

2 Posts
\"Friends\" at ShadowServer???

And you should really disclose relationships before you brag up VRT.
Ken

40 Posts
Relationships? Like, \"Hey, I work for Sourcefire\"?
Joel

454 Posts
ISC Handler
java has nothing to do with this exploit or the mechanics of the exploits floating around. Attackers are using javaSCRIPT to massage the heap to allow for more reliable exploitation. Disabling that removes that capability from their tool chest, and that in turn makes the exploit much much harder to accomplish.
AndreL

56 Posts
I found this nugget of joy on the VRT blog especially disturbing. "Oh, by the way, I forgot to mention. If you happen to open an explorer window, or a browser window, or anything at all that even has the ICON of the pdf file, you're owned." This may be a silly comment but is disabling JS really going to help that much. It will simply ask them if they want to re-enable. They will say yes and be owned anyway.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!