Today Adobe announced a new 0-day vulnerability (CVE-2011-0611) in Adobe Flash Player and Adobe Acrobat that, similar to the previous 0-day from less than a month ago, was found embedded in a Microsoft Office file. The vulnerability allows an attacker to execute malicious code on a computer and has been spotted in limited targeted attacks. Websense customers are protected against the known samples that use this vulnerability.

Adobe says in its security advisory that Adobe Acrobat Reader X and its new Sandbox feature prevent the attack from exploiting the system when PDF files are used. However, since the vulnerability exists in Flash, a machine can still be exploited through other formats and applications that support Flash, such as Web pages and Office documents.
The vulnerability has only been seen in very limited targeted attacks. Here is a VirusTotal report (1/43) of one reported attack file.
Adobe hasn't announced when it will release a patched version of Adobe Flash and Adobe Reader/Acrobat, but it did say that it won't fix this until June 14 in Adobe Reader X, as the Sandbox feature prevents the attack.
Posted on 12 April 2011. Tags: 0day, Adobe, Files, more, Office, Using, Vulnerability
The above information is reprinted from and copyrighted © by Websense.