PC CyberTek » patch

Adobe Shockwave Player Security Vulnerabilities

chris — Wed, 27 Jan 2010 05:38:57 +0000

Some how this one slipped by me because it was published by Adobe on the 19th.

Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.2.602 and earlier versions, on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system. Adobe has provided a solution for the reported vulnerabilities. It is recommended that users update their installations to the latest version using the instructions provided above.

This update resolves a buffer overflow vulnerability that could potentially lead to code execution (CVE-2009-4002).

This update resolves multiple integer overflow vulnerabilities that could potentially lead to code execution (CVE-2009-4003).

Download Adobe Shockwave Player version 11.5.6.606 here

You can find out which version you have by going here Test Adobe Shockwave Player

Another Adobe Acrobat Reader 0-Day Exploit

chris — Thu, 07 Jan 2010 11:13:57 +0000

Here we go again. This isn’t news hot off the press, but I decided I should post about it here just in case some of you have missed it. There has been another Adobe Acrobat Reader exploit, CVE 2009-4324. Since it was first disclosed back in the middle of December, it has grown even nastier. The Internet Storm Center over at sans.org has a good analysis of one of the current variants.

There are still a couple days before Adobe releases a patch, which will finally be released on Jan 12. Adobe suggests you disable Java support until then. This is not the first time this has happened. What I’m suggesting is that even after this is patched, just keep Java disabled. If you open a PDF file that requires Java support, you could always turn it back on. With so many exploits in the wild, and how long it takes for the anti virus vendors to discover them, this one won’t be fixed for almost a month since it was first disclosed publicly, it’s better safe than sorry. Just disable Java support for good. Here’s how to disable Java support in Adobe Acrobat Reader

quoted from Adobe.com

SOLUTION

Customers using Adobe Reader or Acrobat versions 9.2 or 8.1.7 can utilize the JavaScript Blacklist Framework to prevent this vulnerability. Please refer to the TechNote for more information.

Customers who are not able to utilize the JavaScript Blacklist functionality can mitigate the issue by disabling JavaScript in Adobe Reader and Acrobat using the instructions below:
1. Launch Acrobat or Adobe Reader.
2. Select Edit>Preferences
3. Select the JavaScript Category
4. Uncheck the ‘Enable Acrobat JavaScript’ option
5. Click OK

Customers using Microsoft DEP (“Data Execution Prevention”) functionality available in certain versions of Microsoft Windows are at reduced risk in the following configurations:

All versions of Adobe Reader 9 running on Windows Vista SP1 or Windows 7
Acrobat 9.2 running on Windows Vista SP1 or Windows 7
Acrobat and Adobe Reader 9.2 running on Windows XP SP3
Acrobat and Adobe Reader 8.1.7 running on Windows XP SP3, Windows Vista SP1, or Windows 7
With the DEP mitigation in place, the impact of this exploit has been reduced to a Denial of Service during our testing.

Watch your docs and surf safe

Another Adobe Update

chris — Mon, 10 Aug 2009 19:45:01 +0000

There has been another Adobe Acrobat Reader update released. Since this was not a planed update, there must be something nasty floating around on the net. I’d suggest you update Acrobat Reader ASAP, if you haven’t already. You probably already know how to do it, since there has been so many updates recently. In case you don’t, just run Adobe Acrobat Reader and go to the Help menu up at the top. Under Help you will want to select Check For Updates and in that window, select Download and install updates. Another window will open and you should see the download begin. If it isn’t downloading, you may need to uncheck the box marked Download when my internet is idle.

I didn’t bother looking up what this patch is for, but not long ago there was a new exploit floating around so I imagine this is what it’s for.

Trustworthy Conficker Resources

chris — Tue, 31 Mar 2009 19:35:04 +0000

With all the media hype about conficker, I thought you might like a good collection of trustworthy resources. Beware of websites that have recently registered as “conficker help.” In fact, just avoid them all together. There’s also reports of malicious software masquerading as detection and cleaning tools for Conficker-infected computers, as well as spam offering the same.

There’s no need to try and figure out what’s safe or real and what has more sinister plans in mind. The good folks at dshield.org have been keeping an updated list of third party information on conficker. Here you can find plenty of free conficker detection and removal tools, general information and the microsoft patch. That should help keep you updated, safe and informed.

I’ve also found out about one other real neat way of detecting it, but it’s for more advanced users, so I’m going to make a seperate post about it.

Adobe Acrobat 9.1 Now Available

chris — Mon, 16 Mar 2009 08:03:33 +0000

The patch for that security hole in Adobe Acrobat Reader 9.0, which I mentioned here earlier, is finally out. There is only a patch for version 9.0 which will bring you up to 9.1. Earlier versions of Acrobat Reader haven’t had a patch released yet.

You can get Adobe Reader 9.1 and the security bulletin regarding it here. However, this release comes bundled with Adobe AIR. If you’d just like Acrobat Reader , without AIR, you can get it here.

There’s quite a few examples of how to exploit the hole found in 9.0 so I would seriously recomend getting the update.