Adobe warns of Flash, PDF zero-day attacks


  • Administrator

Adobe issued an alert late Friday night to warn about zero-day attacks against an unpatched vulnerability in its Reader and Flash Player software products.

The vulnerability, described as critical, affects Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems. It also affects the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems, Adobe said.

From Adobe’s advisory:

This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

The Flash Player 10.1 Release Candidate “does not appear to be vulnerable,” the company said.

Mitigation Guidance

In the absence of a patch, Adobe recommends deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x. This will mitigate the threat but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content.

The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.

Adobe Reader and Acrobat 8.x are confirmed not vulnerable.

Adobe security chief Brad Arkin said the company received the first malicious sample around 10:30 AM on Friday. There is no information on when a patch will be available.

Link: Lunarsoft

Link to comment
Share on other sites
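
The rename mitigation from the first post, as an added example that is not part of the thread or of Adobe's advisory. The function name `Set-AuthplayMitigation`, the `.disabled` suffix and the extra `Program Files (x86)` root are assumptions made for this example; renaming files under Program Files needs an elevated prompt.

```powershell
# Added example. The function name and the ".disabled" suffix are choices
# made here; neither comes from Adobe's advisory.
function Set-AuthplayMitigation {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string[]]$InstallDir,   # override for non-default install locations
        [switch]$Undo            # restore the DLL once a patched build is installed
    )
    if (-not $InstallDir) {
        # The two locations named in the post, under each Program Files root.
        # The (x86) root is an addition for 32-bit Reader on 64-bit Windows.
        $roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
            Where-Object { $_ } | Select-Object -Unique
        $InstallDir = foreach ($root in $roots) {
            Join-Path $root 'Adobe\Reader 9.0\Reader'
            Join-Path $root 'Adobe\Acrobat 9.0\Acrobat'
        }
    }
    foreach ($dir in $InstallDir) {
        $live     = Join-Path $dir 'authplay.dll'
        $disabled = "$live.disabled"
        if ($Undo) { $from, $to = $disabled, $live } else { $from, $to = $live, $disabled }
        # Rename only when the source exists and the target name is free, so a
        # second run is a no-op and an earlier backup is never overwritten.
        if ((Test-Path -LiteralPath $from) -and -not (Test-Path -LiteralPath $to)) {
            $newName = Split-Path -Path $to -Leaf
            if ($PSCmdlet.ShouldProcess($from, "Rename to $newName")) {
                Rename-Item -LiteralPath $from -NewName $newName -ErrorAction Stop
            }
        }
        # Report what is on disk after the attempt.
        $state = if (Test-Path -LiteralPath $live) {
            'authplay.dll present'
        } elseif (Test-Path -LiteralPath $disabled) {
            'renamed (mitigated)'
        } else {
            'not found'
        }
        [pscustomobject]@{ Path = $live; State = $state }
    }
}
# Preview with:  Set-AuthplayMitigation -WhatIf
# Roll back with: Set-AuthplayMitigation -Undo
```

Any row still reporting `authplay.dll present` after a run without `-WhatIf` means both file names exist in that directory and the live DLL was left in place.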

So glad you posted this, I hadn't heard about it. Just installed Flash 10.1 RC7, so now not vulnerable.

I had no worries about Adobe Reader - my system won't support v9, and v8 isn't affected. A rare instance where not being up-to-date is safer. :)

Link to comment
Share on other sites

I too am running the RC. I've been scouring the net for news that I can post on our frontpage and forums. I need more editors. :)

I need a faster Internet connection, then maybe I would have time to contribute more; no money for it now, though. You've got a much better chance of finding more editors than I have of getting broadband anytime soon. :)

Good idea to run a third-party PDF reader.

Good point, especially with the insecure mess Adobe has made of theirs. Why they thought PDFs needed interactive content I'll never understand. :no:


Does the Multiquote feature not work, or do I just not understand how to use it? I couldn't get it to work - I used copy-and-paste to create this post.

Link to comment
Share on other sites

  • Administrator

In the next few days I plan to make some announcements that will reflect what we need and the extensive changes occurring.

Multiquote works, you just have to hit Add Reply after you select those you wish to multiquote.

Link to comment
Share on other sites

I need a faster Internet connection... :cry:

Does the Multiquote feature not work, or do I just not understand how to use it?

Multiquote works, you just have to hit Add Reply after you select those you wish to multiquote.

greenknight, I feel your pain, I'm stuck with dialup unless big changes take place - satellite gets cheaper, DSL gets closer, or dialup gets faster :cry: The real shame is sites keep pumping more and more crap into the feed that loads first so I have to wait for all the ads to show up, if I stop loading the page the info I'm looking for has yet to be loaded :thumbdown:

As Tarun has said, the 'MultiQuote' feature works and is pretty easy to use...

...for each post you want to quote - click the MultiQuote tab - should change color, mine turns green

...click Add Reply and the Editor should open

...Edit your post as you see fit and Add Reply when done

Link to comment
Share on other sites

Multiquote works, you just have to hit Add Reply after you select those you wish to multiquote.

Sure does, can't believe I didn't try that. Must have been really tired.

greenknight, I feel your pain, I'm stuck with dialup unless big changes take place - satellite gets cheaper, DSL gets closer, or dialup gets faster :cry: The real shame is sites keep pumping more and more crap into the feed that loads first so I have to wait for all the ads to show up, if I stop loading the page the info I'm looking for has yet to be loaded :thumbdown:

Exactly. Here, we can't get DSL; the only choices (besides dialup) are satellite or Comcast cable. Ugh. Even if I could afford it, I'd hate to sell my soul to Comcast.
Link to comment
Share on other sites

  • Administrator

How does Lunarsoft work for you guys being on dial-up? I keep in mind all types of connections when working on the website and try to make sure graphics are few and small in file size.

Link to comment
Share on other sites

For me, Lunarsoft functions just fine, the upgrades are nice, pleasing to my eyes anyway. I would never want you to sacrifice a feature simply because it would load slowly for a dialup user - I would say most people have hi speed so design around them.

I do think I have reached a critical mass, I may have to avoid forums altogether and stick with IRC. I like the live conversation, and the 2 channels I spend time in (programming related) have some very nice people. I'm thinking maybe 60 days or so and hopefully I can wean myself away from the forums, I don't really have need like you with your apps.

Link to comment
Share on other sites

  • Administrator

Ever since I started Lunarsoft, I've tried to keep it lightweight for dial-up users so we can have anyone from anywhere enjoy the website and forums. That was even part of the reason I switched over to MediaWiki instead of keeping my php pages for PC maintenance. Perhaps I should look into getting IRC on here too. :thumbdown:

Link to comment
Share on other sites

  • Administrator

That's really good to know greenknight, thank you. :cry: Now if only we can get a bit more activity and donations to help the site, it'd be perfect. :thumbdown:

Link to comment
Share on other sites
