Adobe Flash, Acrobat, and Reader Zero Day Attack [Archive] - Glock Talk

PDA

View Full Version : Adobe Flash, Acrobat, and Reader Zero Day Attack


Pierre!
06-07-2010, 15:44
Hey all,

I bet you have already seen this, but here is the short version:
http://seeberconsultblog.com/news-multiple-news-sites-reporting-critical-adobe-flash-flaw/

Affects all operating systems: Windows, Mac, Linux, Unix, and Solaris! (funny, no OS/2 listed?) :rofl:

Git er done!

IndyGunFreak
06-07-2010, 15:57
Hey all,

I bet you have already seen this, but here is the short version:
http://seeberconsultblog.com/news-multiple-news-sites-reporting-critical-adobe-flash-flaw/

Affects all operating systems: Windows, Mac, Linux, Unix, and Solaris! (funny, no OS/2 listed?) :rofl:

Git er done!

Funny... This says it effects "all OS's"... then specifically mentions:

Adobe has yet to release a patch to address the zero-day flaw. Until then, researchers suggest users deploy a workaround by deleting, renaming, or removing access to the authplay.dll file.

First... I'd love to see a kiddie manipulate this "flaw" on a properly secured Linux system.

Second.. The article conveniently lists where this authplay file is found on Windows systems, but lists nothing about Linux or Mac systems... I can't speak for the Mac OS.. but it's simply nowhere to be found on a Linux system.

It may indeed be an issue for Windows/Mac users, I don't know.. but unless that article incorrectly describes the problem, I'm calling shananigans on it being an issue for Linux users...

IGF

Pierre!
06-07-2010, 16:04
I don't even run Adobe Acrobat on Linux... openSuse gives me Ocular, and it works... so I won't even look for the file!

Looks like a non issue to me as well, more of a "damage control" situation...

RTmarc
06-07-2010, 22:14
/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so

IndyGunFreak
06-07-2010, 22:22
/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so

Still want to see the problem executed on a Linux system... To do anything useful w/ that directory, you'll need root access.. so you're gonna have to be a retard to let it happen.

Edit: And FWIW, that file is also not on my system. Probably because I don't use Adobe Reader, but the Op's link specifically mentioned that Flash also contained the vulnerability... Not sure why anyone would use the Linux version of Adobe(although I did used to)... Evince works quite well.

IGF

dglockster
06-08-2010, 13:14
Does the zero-day problem still exist? According to http://www.pcmag.com/article2/0,2817,2341429,00.asp

[Update: Adobe is now acknowledging the problem. They say they are working on it and will have a solution "by March 11th, 2009." Reader and the full Acrobat product are vulnerable they say, in versions 7, 8 and 9, and updates for all will be provided. In the meantime they are working with anti-malware vendors to help them detect exploits of the vulnerability.] Originally posted to the PCMag Security Watch blog.

This is now June 2010.

Pierre!
06-08-2010, 18:17
Does the zero-day problem still exist? According to http://www.pcmag.com/article2/0,2817,2341429,00.asp



This is now June 2010.

Yes, this is a new vulnerability.

Check these:
CNET (http://news.cnet.com/8301-27080_3-20007119-245.html?tag=mncol)
InfoWorld (http://www.infoworld.com/d/security-central/attackers-exploit-critical-bug-in-adobes-flash-reader-292)

At least they have said there will be a fix THIS WEEK! Hope it doesn't break something else...:rofl: