I’d like to call your attention (again) to a major Adobe bulletin that was released yesterday (actually, still today, if you’re far enough behind GMT, but I’m sitting just a train ride away from Greenwich, UK).
In brief, the bulletin concerns the following CVE (Common Vulnerabilities and Exposures) issues:
Adobe categorizes the issues concerned as critical, and recommends:
Among other issues, the update for Adobe Flash Player provides remediation for the vulnerabilities in the Microsoft Active Template Library (ATL) described in Microsoft Security Advisory 973882:
An update is also promised for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh and UNIX by today.
As Graham Cluley rightly points out in his blog on the same topic, Adobe has become almost the target of choice among black hats recently. (No, I haven’t got notification from Adobe yet: a good job I read other blogs, isn’t it?)
Perhaps even more significant, though, is the interdependency between applications demonstrated here. In a complex operating environment like Windows, it isn’t always practical to consider applications in isolation from each other: the ATL vulnerabilities highlighted at Blackhat affect both Adobe and Microsoft applications, and while the Flash Player update is a Good Thing, you also need the Microsoft update described here. While AV vendors are detecting some vulnerabilities proactively, you shouldn’t rely on AV detection alone, as exploits can sometimes be tweaked so as to evade detection by specific products.
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php
Securing Our eCity community initiative: http://www.securingourecity.org/
Author David Harley, ESET