Results 1 to 3 of 3
02-25-2009, 05:09 PM #1
- Join Date
- Aug 2001
- Kubota L210
Adobe Security Allert
I just got this from our IT people. I wouldn't normally pass this on to this group, but I'm pretty sure I posted a link in the recent past to a site which was a PDF. It was almost certainly a secure site, but one never knows. The Powers That Be should feel free to delete this message if they deem it unworthy.
National Cyber Alert System Technical Cyber Security Alert TA09-051A
Adobe Acrobat and Reader Vulnerability
Original release date: February 20, 2009
* Adobe Reader version 9 and earlier
* Adobe Acrobat (Professional, 3D, and Standard) version 9 and earlier
Adobe has released Security Bulletin APSB09-01, which describes a vulnerability that affects Adobe Reader and Acrobat. This vulnerability could allow a remote attacker to execute arbitrary code.
Adobe Security Bulletin APSB09-01 describes a memory-corruption vulnerability that affects Adobe Reader and Acrobat. Further details are available in Vulnerability Note VU#905281. An attacker could exploit these vulnerabilities by convincing a user to load a specially crafted Adobe Portable Document Format (PDF) file. Acrobat integrates with popular web browsers, and visiting a website is usually sufficient to cause Acrobat to load PDF content.
By convincing a user to open a malicious PDF file, an attacker may be able to execute arbitrary code or cause a vulnerable PDF viewer to crash. The PDF could be emailed as an attachment or hosted on a website.
b. Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to the safer option of prompting the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
c. Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied it may also mitigate future vulnerabilities. To prevent PDF documents from automatically being opened in a web browser, do the following:
1. Open Adobe Acrobat Reader.
2. Open the Edit menu.
3. Choose the preferences option.
4. Choose the Internet section.
5. Un-check the "Display PDF in browser" check box.
d. Do not access PDF documents from untrusted sources
e. Do not open unfamiliar or unexpected PDF documents, particularly those hosted on web sites or delivered as email attachments.
* Adobe Security Bulletin apsa09-01 -
APSA09-01 - Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat
* Securing Your Web Browser -
Securing Your Web Browser
* Vulnerability Note VU#905281 -
US-CERT Vulnerability Note VU#905281
The most recent version of this document can be found at: US-CERT Technical Cyber Security Alert TA09-051A -- Adobe Acrobat and Reader Vulnerability
02-25-2009, 10:56 PM #2
- Join Date
- Apr 2006
- North of Tower Hill, IL
- John Deere 3320
Re: Adobe Security Allert
I received that one yesterday and the following today for EXCEL files:
Zero Day Excel Vulnerability Spreading in the Wild
24 February, 2009
- This vulnerability affects: All current versions of Microsoft Excel for Windows and Mac computers (also affects Excel Viewer and Office Compatibility Packs)
- How an attacker exploits it: By enticing your users into opening maliciously crafted Excel spreadsheets
- Impact: An attacker can execute code on your computer, potentially gaining control of it
- What to do: Implement the workarounds described in the Solutions section of this alert
Today, Microsoft released a security advisory warning of a very serious unpatched Excel vulnerability, which attackers have already begun exploiting on the Internet. The vulnerability affects all current versions of Excel for Windows and Mac, as well as the Microsoft Excel Viewer and the Office Compatibility Packs.
Since Microsoft just learned about this flaw, they don't describe it in much detail. They only describe how attackers exploit it. By enticing one of your users into downloading and opening a maliciously crafted Excel document (.xls), an attacker can exploit this vulnerability to execute code on a victim's computer, usually inheriting that user's level of privileges and permissions. If your user has local administrative privileges, the attacker gains full control of the user's machine.
With attackers actively exploiting this vulnerability in the wild, it poses a critical risk to Microsoft Office and Excel users. Microsoft hasn't had time to patch the flaw yet, but they plan to do so in the future. Until then, we recommend you implement the workarounds described below to mitigate the risk of this dangerous zero day attack.
Microsoft has not had time to release a patch for this zero day vulnerability. However, the workarounds described below should mitigate the risk of attacks currently circulating in the wild.
- Inform your users of this vulnerability. Advise them to remain wary of unsolicited Excel (.xls) documents arriving via email. If they don't absolutely need the document, and don't trust the entity it came from, they should avoid opening it until Microsoft releases a patch.
- Use antivirus (AV) software and make sure it's up to date. Some AV companies already have signatures that detect these malicious Excel files. Other AV companies will surely follow.
- Use the Microsoft Office Isolated Conversion Environment (MOICE) to open untrusted Excel document. MOICE is a Microsoft add on that provides a special environment which allows you to more securely open Word, Excel, and PowerPoint binary format files. For more details on using it, see the "Suggested Actions" section of Microsoft's security advisory.
John Deere 3320 - 72D Auto Connect deck
02-27-2009, 07:41 AM #3
Re: Adobe Security Allert
This is why my next computer will be a MAC. I put up with 12 years of infestations and computer problems. Not saying MACs don't have thier problems, but I'm not happy with my PC issues.