CVE-2010-1297 latest Adobe PDF & Flash trojan exploit

motormafia

http://www.youtube.com/watch?v=cIY0-3DyQvA

http://www.adobe.com/support/security/advisories/apsa10-01.html

Security Advisory for Flash Player, Adobe Reader and Acrobat

Release date: June 4, 2010

Last updated: June 10, 2010

Vulnerability identifier: APSA10-01

CVE number: CVE-2010-1297

Platform: All

Summary

A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

Adobe has released a product update to Adobe Flash Player to resolve the relevant security issue. For more information, please refer to Security Bulletin APSB10-14.

We expect to provide an update for Adobe Reader and Acrobat 9.3.2 for Windows, Macintosh and UNIX by June 29, 2010. Please note that the Acrobat and Reader update represents an accelerated release of the next quarterly security update originally scheduled for July 13, 2010. With this accelerated schedule we do not plan to release any new updates for Adobe Reader and Acrobat on July 13, 2010.

Affected software versions

Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX

Note: Adobe Reader and Acrobat 8.x are confirmed not vulnerable.

Mitigations

Adobe Flash Player
Adobe has released a product update to Adobe Flash Player to resolve the relevant security issue. For more information, please refer to Security Bulletin APSB10-14.

Adobe Reader and Acrobat - Windows
Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader 9.x and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content.

The authplay.dll that ships with Adobe Reader 9.x and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.

Adobe Reader 9.x - Macintosh

1) Go to the Applications->Adobe Reader 9 folder.
2) Right Click on Adobe Reader
3) Select Show Package Contents
4) Go to the Contents->Frameworks folder
5) Delete or move the AuthPlayLib.bundle file

Acrobat Pro 9.x - Macintosh

1) Go to the Applications->Adobe Acrobat 9 Pro folder.
2) Right Click on Adobe Acrobat Pro
3) Select Show Package Contents
4) Go to the Contents->Frameworks folder
5) Delete or move the AuthPlayLib.bundle file

Adobe Reader 9.x - UNIX

1) Go to installation location of Reader (typically a folder named Adobe)
2) Within it browse to Reader9/Reader/intellinux/lib/ (for Linux) or Reader9/Reader/intelsolaris/lib/ (for Solaris)
3) Remove the library named "libauthplay.so.0.0.0"

Severity rating

Adobe categorizes this as a critical issue.

Details

A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Mitigation is available for Adobe Reader and Acrobat 9.x customers as detailed above.

Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date.

Adobe has released a product update to Adobe Flash Player to resolve the relevant security issue. For more information, please refer to Security Bulletin APSB10-14.

We expect to provide an update for Adobe Reader and Acrobat 9.3.2 for Windows, Macintosh and UNIX by June 29, 2010. Please note that the Acrobat and Reader update represents an accelerated release of the next quarterly security update originally scheduled for July 13, 2010. With this accelerated schedule we do not plan to release any new updates for Adobe Reader and Acrobat on July 13, 2010.

Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.

Revisions

June 10, 2010 - Advisory updated with link to Security Bulletin APSB10-14 that resolves the security issue for Adobe Flash Player.
June 8, 2010 - Added information to note that the upcoming Adobe Reader and Acrobat update represents the next quarterly security release, originally scheduled for July 13, 2010.
June 7, 2010 - Update schedule information added, and instructions for Macintosh and UNIX added to 'Mitigations' section.
June 4, 2010 - Advisory released.

http://tw.news.yahoo.com/article/url/d/a/100623/52/27y8r.html

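New Adobe zero-day vulnerability emerges; be careful when downloading PDF files
卡優網, updated: "2010/06/23 03:24", 王怡茹

Internet users should be careful when downloading PDF files! Security vendors have recently found that Adobe has been hit by another new zero-day vulnerability (CVE-2010-1297), and a backdoor trojan, Trojan.Pidief.J, is waiting for the chance to launch remote attacks. As of now, Adobe has yet to release an official patch. Experts urge users never to casually open attachments in emails of unknown origin or click links in such emails.

According to Symantec's latest virus analysis report, Adobe was recently hit by a new zero-day vulnerability (CVE-2010-1297), and attacks that execute remote code through the vulnerability appeared soon afterwards. Symantec detects them as Trojan.Pidief.J; affected operating systems include Windows 95/98/2000/Me/XP/Vista/NT and Windows Server 2003.

The report notes that once Trojan.Pidief.J runs, it attempts to download a malicious file from a specified URL. The downloaded file contains an encrypted backdoor trojan, which is dropped to %TEMP%upt.exe and executed; it also communicates with malicious websites and drops several other malicious files onto the infected computer.

Security experts explain that the new malware spreads mainly in a few ways: the attacker sends users an email with the trojan in the attachment, or the attacker sends a malicious link by email that points to PDF and SWF files carrying the trojan, or to a malicious website hosting the trojan.

The experts also urge that, besides not casually opening emails of unknown origin, users make good use of security software with a two-way firewall to stop unknown applications from accessing the network, so that stolen user information cannot be transmitted; when encountering a suspicious website, be careful and do not click at random.

Besides the backdoor trojan, recent reports also found a worm, W32.Aemrant, which disguises itself as multiple multimedia files. Once the user plays any one of them, the worm is executed and immediately launches Windows Media Player to conceal itself and lull the user. Experts recommend that users turn off their computer's autoplay feature and, when using removable storage devices, run a security scan before opening them.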
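
The UNIX and Macintosh mitigation steps in the advisory above, as an added shell example that is not part of the original post or of Adobe's advisory: it locates the authplay components by the file names the advisory gives and moves them into a quarantine directory instead of deleting them, so the change can be reverted after the vendor update is installed. The function names, the quarantine directory and its manifest file are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit and quarantine the authplay component from APSA10-01.
# File names are taken from the advisory; function names, the quarantine
# directory and manifest.tsv are assumptions of this example.
# Usage (hypothetical paths):
#   authplay_find /opt/Adobe
#   authplay_quarantine /opt/Adobe /var/quarantine/authplay

# Print every authplay component under an install root, one path per line.
# -prune stops find from descending into a matched AuthPlayLib.bundle.
authplay_find() {
    root=$1
    find "$root" \( -name 'libauthplay.so.0.0.0' \
                 -o -name 'AuthPlayLib.bundle' \
                 -o -name 'authplay.dll' \) -prune -print 2>/dev/null
}

# Move each component found under ROOT into QDIR (which must be outside
# ROOT) and record "original<TAB>quarantined" in QDIR/manifest.tsv.
# Prints the number of components moved.
authplay_quarantine() {
    root=$1
    qdir=$2
    moved=0
    mkdir -p "$qdir" || return 1
    authplay_find "$root" > "$qdir/found.tmp"
    while IFS= read -r path; do
        # Flatten the original path into the new name to avoid collisions.
        dest="$qdir/$(printf '%s' "$path" | tr '/ ' '__')"
        if mv -- "$path" "$dest"; then
            printf '%s\t%s\n' "$path" "$dest" >> "$qdir/manifest.tsv"
            moved=$((moved + 1))
        fi
    done < "$qdir/found.tmp"
    rm -f "$qdir/found.tmp"
    echo "$moved"
}
```

After quarantine, Reader or Acrobat 9.x will show the non-exploitable crash or error the advisory describes when a PDF contains SWF content; the manifest gives the original location of each file for restoring it later.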
 