Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us

    On Friday, Adobe released a security advisory announcing a zero-day exploit found in specific Adobe Flash Player versions. Tagged as critical, the vulnerability (CVE-2010-1297) causes the application to crash. Potentially, the underlying vulnerability could also be used to run arbitrary code such as downloading/dropping malicious files onto an affected system.

    Currently, all released 10.0.x and 9.0.x versions of Flash, including the current version (10.0.45.2), are vulnerable. In addition, because the vulnerable component is also used by Adobe’s PDF products, both Acrobat and Reader versions 9.3.2 and earlier that belong to the 9.x family are also affected. The previous 8.x versions of Acrobat and Reader are not affected.

    Malicious files exploiting this vulnerability have already been encountered by Trend Micro and are now detected as TROJ_PIDIEF.WX.

    No date for a patch has been announced by Adobe. However, Adobe offers two potential workarounds, one for Flash and another for Acrobat/Reader. In the former case, users can download the 10.1 version, which is already available for download, although officially it has not been released for public use and remains at Release Candidate status.

    For the latter, users can manually delete the vulnerable component. However, when this is done, all Flash content within .PDF files cannot be opened. Users may see a crash or error message although the exploit will not be triggered.

    Trend Micro protects users via the Smart Protection Network™, which detects and deletes TROJ_PIDIEF.WX via the file reputation service.

    Update as of June 8, 2010, 9:15 a.m. (UTC)

    Attacks that use this vulnerability are now out in full force. TROJ_PIDIEF.WX downloads TROJ_SMALL.WJX and drops BKDR_PDFKA.W onto affected systems. The latter can be used for pay-per-install (PPI) schemes that cybercriminals favor.

    Update as of June 10, 2010, 7:33 a.m. (UTC)

    Adobe has released a product update to resolve the security issue found in Adobe Flash Player. Users are thus advised to immediately update their software. Meanwhile, updates for Adobe Reader and Acrobat 9.3.2 for Windows, Macintosh, and Unix are expected to be released by June 29, 2010.

    Trend Micro Deep Security™ and Trend Micro OfficeScan™ already protect business users against the Adobe Products authplay.dll Remote Code Execution Vulnerability via the Intrusion Defense Firewall (IDF) plug-in if their systems are updated with the IDF rule number 1004202.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice