On Friday, Adobe released a security advisory announcing a zero-day exploit found in specific Adobe Flash Player versions. Tagged as critical, the vulnerability (CVE-2010-1297) causes the application to crash. Potentially, the underlying vulnerability could also be used to run arbitrary code, such as downloading/dropping malicious files onto the affected system.
Currently, all released 10.0.x and 9.0.x versions of Flash, including the current version (10.0.45.2) are vulnerable. In addition, because the vulnerable component is also used by Adobe’s PDF products, both Acrobat and Reader versions 9.3.2 and earlier that belong to the 9.x family are also affected. The previous 8.x versions of Acrobat and Reader are not affected.
Malicious files exploiting this vulnerability have already been encountered by Trend Micro. These are detected as TROJ_PIDIEF.WX.
No date for a patch has been announced by Adobe. However, Adobe offers two potential workarounds, one for Flash and another for Acrobat/Reader. In the former case, users can download the 10.1 version, which is already available for download, although officially it has not been released for public usage and remains at Release Candidate status.
For the latter, users can manually delete the vulnerable component. However, when this is done, all Flash content within PDF files cannot be opened. Users may experience a crash or error message, although the exploit will not be triggered.
Trend Micro protects users via the Smart Protection Network™, which detects and deletes TROJ_PIDIEF.WX via its file reputation services.
View full post on TrendLabs | Malware Blog – by Trend Micro
Related Posts
- Adobe PDF Zero-Day Exploit Discovered in the Wild
Just after Adobe released their Out of Band patch for CVE-2010-2862, We discovered a malware exploiting a new 0-day vulnerability in the wild. Similar to the iOS PDF jailbreak vulnerability and CVE-20... - Adobe Zero-Day Exploit Flash/Acrobat CVE-2010-1297
Adobe announced a new 0-day vulnerability in Flash, Adobe Reader and Adobe Acrobat over the weekend. The vulnerability lies in how Flash and Adobe Reader/Acrobat handles a specially formatted SWF fil... - Zero-day exploit for Adobe Reader, Flash now in the wild
Adobe has announced that an exploitable flaw in Adobe Reader 9.x, Acrobat 9.x, and Flash 9.x and 10.x has been discovered and is being actively exploited. Windows, Mac OS X, and Li... - Excel File Containing Adobe Zero-Day Exploit Found
We got hold of an exploit targeting the vulnerability Adobe reported in its most recent security advisory.
The exploit, detected as TROJ_ADOBFP.B (now detected as TROJ_ADOBFP.SM), takes advantage of t... - Zero-day Windows exploit – Microsoft issues advisory
Microsoft has just published an advisory about a remotely-exploitable vulnerability in the Windows graphics rendering engine. A patch isn't available yet, but with Patch Tuesday just a week away, we ... - CVE-2010-3654 exploit in the wild, (Mon, Nov 1st)
Remember the vulnerability we discussed in https://isc.sans.edu/diary.html?storyid=9835 It appears to be there is an exploit for CVE-2010-3654 in the wild. While Adobe publishes the security patches, ... - Flash and Acrobat/Reader Hit by New Zero-Day Exploit
This week is turning out to be a busy one for zero-day exploits. Days after such a bug was found in Firefox, it’s Adobe’s turn to have its products under the gun.
According to the official Adobe secu... - Hackers exploit newest Flash zero-day bug
Adobe today confirmed that hackers are exploiting a critical unpatched bug in Flash Player, and promised to patch the vulnerability in two weeks.
View full post on Computerworld Security News... - Limited Firefox Zero-Day Attack in the Wild
Earlier today, Mozilla confirmed on its blog that an unpatched vulnerability exists in Firefox 3.5 and 3.6.
Unfortunately code exploiting the vulnerability is out in the wild. It has been reported th... - Technical Analysis of Adobe Acrobat and Reader Zero-Day Exploit
Several weeks ago, a new Adobe Acrobat/Reader zero-day vulnerability was found and soon exploited in the wild. What’s most interesting about this particular exploit is how it used return-oriented expl...
Posted on 06 June 2010. Tags: Exploit, Flash/Acrobat, Seen, Wild, ZeroDay
Zero-Day Flash/Acrobat Exploit Seen In The Wild http://blog.trendmicro.com/?p=25229