Adobe probes Flash zero day bug after exploit found

Crazy Trojan horses

By Elinor Mills

Published: 23 July 2009 10:37 GMT

Researchers on Wednesday said they have uncovered attacks in the wild in which malicious Acrobat PDF files are exploiting a vulnerability in Flash and dropping a Trojan onto computers.

The situation could affect tons of users since Flash exists in all popular browsers, is available in PDF files, and is largely operating system-independent.

Any software that uses Flash could be vulnerable to the attack, according to Symantec. Adobe Reader is vulnerable because its Flash interpreter is vulnerable, said Paul Royal, principal researcher at Purewire, a web security services provider.

In a post on its website, Adobe said it "is aware of reports of a potential vulnerability in Adobe Reader and Acrobat 9.1.2 and Adobe Flash Player 9 and 10. We are currently investigating this potential issue and will have an update once we get more information".

"The authors of the exploit have managed to take a bug and turn it into a reliable exploit using a heap spray technique," Patrick Fitzgerald writes on a Symantec Security blog post.

"Typically an attacker would entice a user to visit a malicious website or send a malicious PDF via email," he writes. "Once the unsuspecting user visits the website or opens the PDF this exploit will allow further malware to be dropped onto the victim's machine. The malicious PDF files are detected as Trojan.Pidief.G and the dropped files as Trojan Horse."

It appears the exploit was first developed about two weeks ago, Royal said. The bug itself has been around since December 2008.

The hole is exploitable on Windows XP, and Vista users are protected if User Account Control (UAC) is enabled, Symantec said.

US-CERT offered information about workarounds on its website:

  • Disable Flash in Adobe Reader 9 on Windows platforms by renaming the following files: "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" and "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll".

  • Disable Flash Player or selectively enable Flash content as described in the "Securing Your Web Browser" document.
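The first workaround can be audited and applied across machines with a short script. The following PowerShell is an added example, not code from US-CERT, Adobe or the original article; the `.disabled` suffix, the `-Apply` switch and the extra check of the 32-bit Program Files directory are assumptions made for illustration.

```powershell
# Added example: audit or apply the US-CERT rename workaround for Adobe Reader 9.
# Run elevated: renaming files under Program Files requires administrator rights.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Apply,                  # without -Apply the script only reports state
    [string]$Suffix = '.disabled'    # assumed suffix; the advisory only says "rename"
)

# %ProgramFiles% comes from the advisory; the (x86) directory on 64-bit
# Windows is an assumption added so 32-bit Reader installs are also covered.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | Select-Object -Unique
$names = 'authplay.dll', 'rt3d.dll'

$results = foreach ($root in $roots) {
    $dir = Join-Path $root 'Adobe\Reader 9.0\Reader'
    foreach ($name in $names) {
        $live    = Join-Path $dir $name
        $renamed = "$live$Suffix"

        if (Test-Path -LiteralPath $live)        { $state = 'ACTIVE' }
        elseif (Test-Path -LiteralPath $renamed) { $state = 'DISABLED' }
        else                                     { $state = 'NOT PRESENT' }

        if ($Apply -and $state -eq 'ACTIVE' -and
            $PSCmdlet.ShouldProcess($live, "Rename to $name$Suffix")) {
            try {
                Rename-Item -LiteralPath $live -NewName "$name$Suffix" -ErrorAction Stop
                $state = 'DISABLED'
            } catch {
                # Typical causes: prompt not elevated, or Reader is open and holds the DLL.
                $state = "FAILED: $($_.Exception.Message)"
            }
        }
        [pscustomobject]@{ File = $live; State = $state }
    }
}

$results | Format-Table -AutoSize

# Exit non-zero while any copy is still loadable, so the script can gate a compliance check.
if ($results.State -match '^(ACTIVE|FAILED)') { exit 1 }
```

A Reader update or repair install can restore the original DLLs, so rerun the audit after patching until a fixed version is deployed.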

Original article: Adobe investigating zero-day bug in Flash from CNET News.com
