Adobe Warns of Critical Flash Bug, Already Being Exploited

Marc

Fully vaccinated are you?
Leader
On the same day that it plans to release a patch for a critical flaw in Shockwave, Adobe confirmed on Thursday morning that there is a newly discovered bug in Flash that is being actively exploited already in attacks against Reader. The vulnerability affects Flash on all of the relevant platforms, including Android, as well as Reader on Windows and Mac, and won't be patched for nearly two weeks. The new Flash bug came to light early Thursday when a researcher posted information about the problem, as well as a Trojan that is exploiting it and dropping a pair of malicious files on vulnerable PCs. Researcher Mila Parkour tested the bug and posted a screenshot of the malicious files that a Trojan exploiting the vulnerability drops during its infection routine. Adobe has since confirmed the vulnerability and said that it is aware of the attacks against Reader.

"A critical vulnerability has been identified in Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh. This vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system," Adobe said.

Another cross-platform (aka OS) vulnerability.

As many already know, Apple is abandoning Flash.
 
A possible remedy, then:

Adobe's track record is not entirely free from smudges. After suffering numerous Adobe-related crashes I switched to Foxit Reader (which I have nothing to do with, except for being a satisfied user), and all of a sudden there was no problem. I have no idea whether this vulnerability can be exploited via Adobe documents read by this software or not, but at least it is a better application: clearly faster and, as I said, much more stable. Worth a try, perhaps?

/Claes
 

Marc

Fully vaccinated are you?
Leader
Yeah - Macs have Preview. It's a 'built in' program which reads .pdf files. It's a simple reader that doesn't have an attack vector (it's totally sandboxed). I haven't tried Foxit Reader.
 

Wes Bucey

Prophet of Profit
This should serve as a warning to everyone. Sometimes I'm thinking that Linux is better.. hmmmm
As we've learned over the years, once ANY platform gets enough users, it becomes a target for hackers [crackers?] who, in the aggregate, are genius enough to attack ANY platform once it becomes a juicy target.
 