Adobe Warns of Flash, PDF Zero Day Attack

Adobe issued an alert late Friday night to warn about zero-day attacks against an unpatched vulnerability in its Reader and Flash Player software products.The vulnerability, described as critical, affects Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems.

Adobe issued an alert late Friday night to warn about zero-day attacks against an unpatched vulnerability in its Reader and Flash Player software products.

The vulnerability, described as critical, affects Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems.

It also affects the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems, Adobe said.

From Adobe’s advisory:

This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

The Flash Player 10.1 Release Candidate “does not appear to be vulnerable,” the company said.

Mitigation Guidance

In the absence of a patch, Adobe recommends deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x.   This will mitigate the threat but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content.

The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:Program FilesAdobeReader 9.0Readerauthplay.dll for Adobe Reader or C:Program FilesAdobeAcrobat 9.0Acrobatauthplay.dll for Acrobat.

Adobe Reader and Acrobat 8.x are confirmed not vulnerable.

Adobe security chief Brad Arkin said the company received the first malicious sample around 10:30 AM on Friday.  There is no information on when a patch will be available.

Suggested articles

Discussion

  • DMD on

    I have the ADobe Flash Player units & tried to upgrade & use the latest versions.  I have been certain that for some time now someone has been manipulating my system , scattering files, & files coming up missing.  Need help.  The system completed a back up 1 dya before schedule that ultimately skipped files, on of which contained the kaspersky program I installed leaving my computer crruently vulnerable.  It also dumps unwanted files into my hard drive such as poronagraphy, ect.  Need help

     

  • Anonymous on

    Used to use Kaspersky but found it didn't offer complete protection.  Now use Trend Micro and have had no problems at all.

  • Anonymous on

    Funny Just wait till you get a virus on your send due to Trend Micro sending out one of their corrupt definition files. You will call them for support and get the run around. Then you will start getting e-mails stating if you do not contact them in a specified time period they will close your case. Lesson Learned, after reformatting the hard drive and loaded Kapersky....have not had an issue since. Oh also had to block Trend Micro due to them spamming me about closing my case. This was after me sending at least five e-mails asking that they close my case! So I feel sorry for you that you now feel safe with Trend Micro. If I was you I would try scanning with some free antivirus on the web. You would be surprised what Trend Micro does not find.  Then go and by a copy of Kerpersky. In the event you get a virus Kapersky’s tech support agents will help you out……Verses Trend Micro’s e-mail tag and recorded messages.

  • Anonymous on

    Agreed! If you ever need support then forget Trend and McAfee - all you get is the run around. Kaspersky may miss some things (and it does) but it always finds the crap that McAfee and Trend miss.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.