Critical Exploit Found in Adobe Products

The US-CERT has published a very serious Adobe flash vulnerability that has been uncovered. The vulnerability affects Adobe Flash versions 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions. Adobe Reader 9, Acrobat 9, and other Adobe products (including Photoshop CS3, PhotoShop Lightroom, Freehand MX, Fireworks) provide Flash support independent of Flash Player. As of 2009-07-22, Adobe Reader 9.1.2 includes Flash 9.0.155.0, which is likely vulnerable to issues addressed by Flash 9.0.159.0.

This is a very serious vulnerability for which there is currently no patch. It allows an attacker to run malicious code on an affected system. We are systematically disabling the flash component as the temporary fix as we don’t like the provided workaround of deleting, renaming, or removing access to the authplay.dll component which will crash the component.

Adobe is expected to publish a fix on July 30th, which we’ll post here.
Aside from applying patches yourself, we are able to protect you and your organization from 0-day exploits such as this one with our Managed Host Intrusion Prevention system. We’ve been monitoring the exploit for about 2  weeks as it was being stopped cold by the system.  With the help of the system we are able to pick up malicious behavior and lock the exploits down before any patches or mentions show up. Shoot us an email for more info.

Stay tuned

Useful links:

http://www.kb.cert.org/vuls/id/259425

http://www.adobe.com/support/security/advisories/apsa09-03.html