Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Update to Adobe Flash 0-day: Patch will be out soon SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Update to Adobe Flash 0-day: Patch will be out soon

Adobe updated its advisory, stating that we should have a patch at least for the "non sandbox" versions of Adobe Acrobat and Reader by April 25th [1]. Flash player will get a fix even earlier (April 15th = this week Friday). Adobe Reader X for Windows, which uses the new "Protected Mode" feature to limited the exploitability of this vulnerability, will have to wait until June 14th.

Little Table to clarify:

  Flash Reader 9 Reader 10.x Reader 10.0.1 Reader 10.0.2 aka "X"
Windows 4/15 4/25 4/25 4/25 6/14
Macintosh 4/15 4/25 4/25 4/25 4/25

 

for more details, see the URL below.

[1] http://www.adobe.com/support/security/advisories/apsa11-02.html

Update: corrected patch date for Adobe Reader X for Windows. Was 6/25.. but should have been 6/14. Thanks Luc for pointing this out to me!)

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Johannes

3910 Posts
ISC Handler
Apr 14th 2011
...and Linux?
Anonymous

Sign Up for Free or Log In to start participating in the conversation!