Sophos Cloud Optix
There’s more bad news for the users of Adobe’s products, as the company has just advised that it has discovered critical security vulnerabilities in versions of Adobe Flash Player, Adobe Reader and Adobe Acrobat.
According to an advisory published by the firm, the vulnerabilities can be exploited by malicious hackers to run malicious code on victims computers.
Adobe says that version 10.1.85.3 and earlier of Flash Player for the Windows, Macintosh, Linux and Solaris operating systems are vulnerable. In addition, Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX operating systems are at risk.
Finally, Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems are also vulnerable.
Adobe says it is working on fixing the as-yet unpatched vulnerability, and hopes to provide an update for Flash Player 10.x (for the Windows, Macintosh, Linux, and Android platforms) by November 9th. Adobe Reader and Acrobat 9.4 and earlier are scheduled to be updated during the week of November 15th for Windows and Mac OS X.
Of course, that’s some time away – and in the meantime it wouldn’t be a surprise at all to hear of more malicious hackers attempting to exploit these vulnerabilities. Bad news for Adobe’s customers is, of course, bad news for Adobe.
So what should we Mac users do in the meantime?
Sophos detects the components dropped in the attacks we've seen so far as Mal/Dropper-P and Troj/Wisp-A. Of course, we'll continue to keep an eye on this.
Whenever there is a Adobe Flash vulnerability, it affects Adobe Reader/Acrobat as well. The safest thing to do on all platforms is to eliminate the authplay.dll (Windows c:\program files\Adobe Reader\authplay.dll, OS X /Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle) component to prevent Flash from rendering or being exploited in PDF files.
Is that why I can't install the latest update for my Adobe flash player on my laptop?? I push the "install" button, and my whole computer shuts down.
What exactly is the vulnerability capable of doing?
It will crash Reader can can execute arbitrary code. We are seeing samples in the wild.
Chester
If I browse with adblock plus & don't visit any dodgy sites will I be ok? 😀
Also helps to use Flashblock and Noscript.
Looks like Steve was right… again… Flash is still the biggest backdoor on so many platforms…
I apologize for being the complete tech illiterate in this conversation, but will you please advise us as to what the best defense against this is? Should we remove all Adobe products from our computers and reinstall or look else where until this is resolved? I have been having issues for several days.
Thank you.
The current defense for Adobe Reader and Acrobat is to delete AuthPlay.dll as I noted in my comment above. This does not fix the Flash vulnerability, but will stop Reader and Acrobat from being exploited. It does disable the ability to view Flash animations in PDFs, but I have never seen a legitimate PDF that uses this functionality.
Another option is to use an alternative PDF viewer like Sumatra PDF reader. You can download it from the author's blog at http://blog.kowalczyk.info/software/sumatrapdf/fr…
Chester