Targeted (PDF) attacks...
FYI...
Targeted (PDF) attacks...
- http://www.f-secure.com/weblog/archives/00001859.html
January 18, 2010 - "F-Secure Labs has learned of another interesting targeted attack. In this case, malicious PDF files were emailed to US defense contractors. While the "Aurora" attacks against Google and others happened in December 2009, this happened just last week. The PDF file was quite convincing and it looked like it came from the Department of Defense... The document talks about a real conference to be held in Las Vegas in March. When opened to Adobe Reader, the file exploited the CVE-2009-4324* vulnerability. This is the doc.media.newPlayer vulnerability that Adobe patched last Tuesday. The exploit dropped a file called Updater.exe (md5: 3677fc94bc0dd89138b04a5a7a0cf2e0). This is a backdoor that connects to IP address 140.136.148.42. In order to avoid detection, it bypasses the local web proxy when doing this connection. Anybody who controls that IP will gain access to the infected computer and the company network. This particular IP is located in Taiwan."
* http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-4324
"... Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X..."
(Screenshots available at the F-secure URL above.)
:mad:
Shockwave v11.5.6.606 released
FYI...
Shockwave v11.5.6.606 released
- http://www.adobe.com/support/securit...apsb10-03.html
Release date: January 19, 2010
CVE number: CVE-2009-4002, CVE-2009-4003
Platform: Windows and Macintosh
"... Adobe recommends Shockwave Player users uninstall Shockwave version 11.5.2.602 and earlier on their systems, restart their systems, and install Shockwave version 11.5.6.606, available here: http://get.adobe.com/shockwave/ ... Adobe categorizes this as a critical update and recommends that users apply the update for their product installations..."
- http://news.techworld.com/security/3...e-player-bugs/
"... installed on some 450 million PCs..."
- http://secunia.com/advisories/37888/2/
Release Date: 2010-01-20
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Adobe Director 11.x, Adobe Shockwave Player 11.x
Solution: Update to Shockwave version 11.5.6.606.
:fear:
Adobe multiple vulns - Flash/Reader/Acrobat/ColdFusion - more
FYI...
Adobe Flash Player Domain Sandbox Bypass Vuln
- http://secunia.com/advisories/38547/
Release Date: 2010-02-12
Criticality level: Moderately critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch
Software: Adobe AIR 1.x, Adobe Flash CS3, Adobe Flash CS4, Adobe Flash Player 10.x, Adobe Flex 3.x
Original Advisory: http://www.adobe.com/support/securit...apsb10-06.html
"...Details:
A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. This update also resolves a potential Denial of Service issue (CVE-2010-0187).
Adobe recommends users of Adobe Flash Player 10.0.42.34 and earlier versions update to Adobe Flash Player 10.0.45.2.
- http://get.adobe.com/flashplayer/
*Adobe recommends all users of Adobe AIR version 1.5.3.9120 and earlier update to the newest version 1.5.3.9130..."
- http://get.adobe.com/air/
Revisions: February 12, 2010 - Bulletin updated with corrected version numbers for AIR.*
- http://atlas.arbor.net/briefs/index#1106299496
February 15, 2010 - "High Severity... Analysis: This is a serious issue that we encourage all sites to schedule an update..."
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-0186
Last revised: 02/26/2010
Flash Player before 10.0.45.2, AIR before 1.5.3.9130...
CVSS v2 Base Score: 6.8 (MEDIUM)
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-0187
Last revised: 02/26/2010
Flash Player before 10.0.45.2, AIR before 1.5.3.9130...
CVSS v2 Base Score: 4.3 (MEDIUM)
Adobe Products XML Processing Information Disclosure
- http://secunia.com/advisories/38543/
Release Date: 2010-02-12
Criticality level: Moderately critical
Impact: Exposure of system information, Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch
Software: Adobe BlazeDS 3.x, Adobe ColdFusion 8.x, Adobe ColdFusion 9.x, Adobe ColdFusion MX 7.x, Adobe Flex Data Services 2.x, Adobe LiveCycle 8.x, Adobe LiveCycle 9.x, Adobe LiveCycle Data Services 2.x, Adobe LiveCycle Data Services 3.x
Solution: Apply patches. Please see the vendor's advisory for required installation steps.
Original Advisory: http://www.adobe.com/support/securit...apsb10-05.html
"... Summary:
An important vulnerability (CVE-2009-3960) has been identified in BlazeDS 3.2 and earlier versions. When processing incoming requests, XML external entity references and injected tags can result in disclosure of information. This issue affects LiveCycle 9.0, 8.2.1 and 8.0.1, and ColdFusion 9.0, 8.0.1, 8.0, and 7.0.2, which are installed with different versions of Data Services products. Adobe has provided a solution for the reported vulnerability for each affected Adobe product. It is recommended that users update their installations of each affected Adobe product to the latest version using the instructions provided..."
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-3960
Last revised: 02/26/2010
BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0...
CVSS v2 Base Score: 4.3 (MEDIUM)
:fear:
Adobe Reader/Acrobat critical update released
FYI...
Adobe Reader/Acrobat critical update released
- http://www.adobe.com/support/securit...apsb10-07.html
February 16, 2010 - "... this vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. In addition, a critical vulnerability (CVE-2010-0188) has been identified that could cause the application to crash and could potentially allow an attacker to take control of the affected system.
Adobe recommends users of Adobe Reader 9.3 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.1. (For Adobe Reader users on Windows and Macintosh who cannot update to Adobe Reader 9.3.1, Adobe has provided the Adobe Reader 8.2.1 update.)
Adobe recommends users of Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.1. Adobe recommends users of Acrobat 8.2 and earlier versions for Windows and Macintosh update to Acrobat 8.2.1.
Affected software versions:
Adobe Reader 9.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh
Solution: Adobe Reader:
Users can utilize the product's automatic update facility. The default installation configuration runs automatic updates on a regular schedule, and can be manually activated by choosing Help > Check For Updates Now.
Adobe Reader users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/new.jsp .
Adobe Reader users on Macintosh can find the appropriate update here:
http://www.adobe.com/support/downloads/new.jsp .
Adobe Reader users on UNIX can find the appropriate update here:
http://www.adobe.com/products/reader/unix9/ (download latest update from 9.3.1 folder)...
Adobe Acrobat:
Users can utilize the product's automatic update facility. The default installation configuration runs automatic updates on a regular schedule, and can be manually activated by choosing Help > Check For Updates Now.
Acrobat Standard and Pro users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/new.jsp .
Acrobat Pro Extended users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/new.jsp .
Acrobat 3D users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloads/new.jsp.
Acrobat Pro users on Macintosh can find the appropriate update here:
http://www.adobe.com/support/downloads/new.jsp .
Severity rating:
Adobe categorizes this as a critical update and recommends that users apply the update for their product installations..."
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-0188
Last revised: 02/26/2010
Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1...
CVSS v2 Base Score: 10.0 (HIGH)
- http://secunia.com/advisories/38551/
Last Update: 2010-02-17
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
Solution Status: Vendor Patch
Software: Adobe Acrobat 3D 8.x, Adobe Acrobat 8 Professional, Adobe Acrobat 8.x, Adobe Acrobat 9.x, Adobe Reader 8.x, Adobe Reader 9.x
Solution: Update to version 8.2.1 or 9.3.1.
- http://blog.trendmicro.com/adobe-rel...r-and-acrobat/
Feb. 21, 2010
:fear::fear:
Adobe Reader and Acrobat updates - 04.13.2010
FYI...
Security Advisory for Adobe Reader and Acrobat
- http://www.adobe.com/support/securit...apsb10-09.html
April 8, 2010 - "Adobe is planning to release updates for Adobe Reader 9.3.1 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.1 for Windows and Macintosh, and Adobe Reader 8.2.1 and Acrobat 8.2.1 for Windows and Macintosh to resolve critical security issues. Adobe expects to make these quarterly updates available on April 13, 2010. Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt * ..."
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-4764
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1240
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1241
* http://blogs.adobe.com/psirt/2010/04...terly_s_2.html
April 8, 2010 - "A Security Advisory has been posted in regards to the upcoming Adobe Reader and Acrobat updates scheduled for April 13, 2010. The updates will address critical security issues in the products. This quarterly security update will be made available for Windows, Macintosh and UNIX. With this quarterly update, we are enabling the new updater first shipped in a passive state with the October quarterly security update. For more information, please refer to the Adobe Reader blog**...."
** http://blogs.adobe.com/adobereader/2..._and_acro.html
April 8, 2010
:fear:
Adobe v9.3.2 Reader/Acrobat released
FYI...
Security update available for Adobe Reader and Acrobat
- http://www.adobe.com/support/securit...apsb10-09.html
April 13, 2010 - "... Adobe recommends users of Adobe Reader 9.3.1 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.2. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.2, Adobe has provided the Adobe Reader 8.2.2 update.) Adobe recommends users of Adobe Acrobat 9.3.1 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.2. Adobe recommends users of Acrobat 8.2.1 and earlier versions for Windows and Macintosh update to Acrobat 8.2.2...
... Users can utilize the product's automatic update feature...
... users on Windows/Macintosh can also find the appropriate update here:
- http://www.adobe.com/support/downloads/new.jsp
... Unix users here:
- http://www.adobe.com/products/reader/unix9/
(download latest update from 9.3.2 folder)
CVE numbers: CVE-2010-0190, CVE-2010-0191, CVE-2010-0192, CVE-2010-0193, CVE-2010-0194, CVE-2010-0195, CVE-2010-0196, CVE-2010-0197, CVE-2010-0198, CVE-2010-0199, CVE-2010-0201, CVE-2010-0202, CVE-2010-0203, CVE-2010-0204, CVE-2010-1241
Platform: All Platforms
- http://secunia.com/advisories/39272/
Release Date: 2010-04-14
Criticality level: Highly critical
Impact: Cross Site Scripting, System access
Where: From remote
Software: Adobe Acrobat 3D 8.x, Adobe Acrobat 8 Professional, Adobe Acrobat 8.x, Adobe Acrobat 9.x, Adobe Reader 8.x, Adobe Reader 9.x
Solution: Update to version 9.3.2 or 8.2.2.
- http://atlas.arbor.net/briefs/index#-69029221
April 20, 2010 - "Analysis: We have seen exploit code used for some of these bugs, most notably with the Zeus botnet. We encourage all sites to update their Adobe PDF viewers immediately to address these issues."
:fear:
Adobe Photoshop security update CS4 11.0.1
FYI...
Security issues in Adobe Photoshop CS4 11.0.0
- http://www.adobe.com/support/securit...apsb10-10.html
April 30, 2010 - "Critical vulnerabilities have been identified in Photoshop CS4 that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system... Adobe recommends Photoshop CS4 customers update to Photoshop CS4 11.0.1 using the instructions below.
To verify the version of Adobe Photoshop CS4 currently installed, choose Help > About Adobe Photoshop CS4 from the Adobe Photoshop menu bar. To check for updates, choose Help > Updates from the Adobe Photoshop menu bar.
Photoshop CS4 customers can also find the Photoshop CS4 11.0.1 update for Windows or Macintosh here:
Adobe Photoshop CS4 11.0.1 update for Windows
- http://www.adobe.com/support/downloa...jsp?ftpID=4292
Adobe Photoshop CS4 11.0.1 update for Macintosh
- http://www.adobe.com/support/downloa...jsp?ftpID=4291
Note: These issues do not affect Photoshop CS5..."
- http://www.adobe.com/support/downloads/new.jsp
Adobe Photoshop CS4 TIFF File Processing vuln - update available
- http://secunia.com/advisories/39711/
Release Date: 2010-05-03
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to Photoshop CS4 11.0.1.
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1279
Adobe Photoshop -CS3- TIFF File Processing Vuln
- http://secunia.com/advisories/39709/
Release Date: 2010-05-05
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: -Unpatched-
Solution: Upgrade to a higher version.
:fear::fear:
Adobe Shockwave/ColdFusion advisories...
FYI...
Shockwave Player v11.5.7.609 released
- http://www.adobe.com/support/securit...apsb10-12.html
May 11, 2010 - "... Summary:
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.6.606 and earlier versions on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions update to Adobe Shockwave Player 11.5.7.609, using the instructions provided below.
Affected software versions: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh
Solution: Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions upgrade to the newest version 11.5.7.609, available here:
- http://get.adobe.com/shockwave/
CVE number: CVE-2010-0127, CVE-2010-0128, CVE-2010-0129, CVE-2010-0130, CVE-2010-0986, CVE-2010-0987, CVE-2010-1280, CVE-2010-1281, CVE-2010-1282, CVE-2010-1283, CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1288, CVE-2010-1289, CVE-2010-1290, CVE-2010-1291, CVE-2010-1292
Platform: Windows and Macintosh
Adobe Shockwave Player Multiple Vulnerabilities
- http://secunia.com/advisories/38751/
Hotfixes available for ColdFusion
- http://www.adobe.com/support/securit...apsb10-11.html
May 11, 2010 - "... Summary:
Important vulnerabilities have been identified in ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX. The vulnerabilities could lead to cross-site scripting and information disclosure.
Affected software versions: ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX
Solution: Adobe recommends affected ColdFusion customers update their installation using the instructions provided in the following link:
- http://kb2.adobe.com/cps/841/cpsid_84102.html
CVE number: CVE-2009-3467, CVE-2010-1293, CVE-2010-1294
Platform: All Platforms ..."
Adobe ColdFusion Cross-Site Scripting and Information Disclosure
- http://secunia.com/advisories/39790/
:fear:
Photoshop CS4 v11.0.2 - security update
FYI...
Photoshop CS4 v11.0.2 - security update
- http://www.adobe.com/support/securit...apsb10-13.html
May 26, 2010 - "Critical vulnerabilities have been identified in Photoshop CS4 11.0.1 and earlier for Windows and Macintosh that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system... Adobe recommends Photoshop CS4 customers update to Photoshop CS4 11.0.2, which resolves these issues.
Note: None of these issues affect Photoshop CS5.
To verify the version of Adobe Photoshop CS4 currently installed, choose Help > About Adobe Photoshop CS4 from the Adobe Photoshop menu bar. To check for updates,
choose Help > Updates from the Adobe Photoshop menu bar.
Photoshop CS4 customers can also find the Photoshop CS4 11.0.2 update for Windows or Macintosh here:
* Adobe Photoshop CS4 11.0.2 update for Windows
- http://www.adobe.com/support/downloa...jsp?ftpID=4713
* Adobe Photoshop CS4 11.0.2 update for Macintosh
- http://www.adobe.com/support/downloa...jsp?ftpID=4712 ..."
- http://secunia.com/advisories/39934/
Release Date: 2010-05-27
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 11.0.2...
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-1296
Last revised: 05/27/2010
:fear: