gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76774 Posts in 13500 Topics by 1651 Members - Latest Member: insider4ever March 29, 2024, 06:24:16 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Adobe Reader/Acrobat 0-day Clarification
gfx
gfxgfx
 

Author Topic: Adobe Reader/Acrobat 0-day Clarification  (Read 699 times)

0 Members and 1 Guest are viewing this topic.

Offline DaBees-Knees

  • WMW Team
  • *****
Adobe Reader/Acrobat 0-day Clarification
« on: February 28, 2009, 06:45:43 am »
http://secunia.com/blog/44/

Quote
By now, most people should hopefully be aware of the 0-day vulnerability currently being actively exploited in Adobe Reader/Acrobat. We initially heard rumours about this 0-day vulnerability on 16th February 2009 and began digging for something more concrete over the following days. Three days later, Adobe confirmed the existence of the 0-day vulnerability and Secunia issued an advisory. Later, a more in-depth analysis was provided to customers on our Secunia Binary Analysis Service. Disabling JavaScript does not prevent exploitation Over the last couple of days, we have seen many sources recommend users to disable support for JavaScript in Adobe Reader/Acrobat to prevent exploitation. While this does prevent many of the currently seen exploits from successfully executing arbitrary code (as they rely on JavaScript), it does not protect against the actual vulnerability. During our analysis, Secunia managed to create a reliable, fully working exploit (available for Secunia Binary Analysis customers), which does not use JavaScript and can therefore successfully compromise users, who may think they are safe because JavaScript support has been disabled. All users of Adobe Reader/Acrobat should therefore show extreme caution when deciding which PDF files to open regardless of whether they have disabled JavaScript support or not. Hopefully, Adobe will be issuing patches very soon.

Stay Secure,

Carsten Eiram,
Chief Security Specialist

It seems at the moment there is no cure or work around available for this exploit.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
Re: Adobe Reader/Acrobat 0-day Clarification
« Reply #1 on: February 28, 2009, 10:41:31 am »
Quote
It seems at the moment there is no cure or work around available for this exploit.

uninstall it...

Offline RReactor

  • Forum Member
Re: Adobe Reader/Acrobat 0-day Clarification
« Reply #2 on: March 10, 2009, 11:27:08 am »
what does it exactly do? has anyone actually confirmed there computer was affected?
RReactor

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Adobe Reader/Acrobat 0-day Clarification
 

gfxgfx
gfx
©2005-2024 WinMXWorld.com. All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.033 seconds with 23 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!