Business IT Support

Some positive news from Adobe last night. Fixes for those nasty vulnerabilities are finally available.

Quick refresher the programs affected are:

• Adobe Flash Player 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions

• Adobe AIR 1.5.1 and earlier versions

• Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions

The recommendations provided by adobe is that any users of prior versions upgrade them asap.

Linkies to the updates are as follows:

Update for AIR: http://get.adobe.com/air

Update for Reader: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

Reader will also allow you to update through its own updater

Update for Acrobat: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows

Just keep in mind that its always a good idea to install updates – reason we’re paying special attention to this one is because it is a critical update which is receiving a lot of publicity. Popular vulnerabilities are more likely to be exploited.

Feel free to shoot us an email or comment with any issues/questions.

The US-CERT has published a very serious Adobe flash vulnerability that has been uncovered. The vulnerability affects Adobe Flash versions 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions. Adobe Reader 9, Acrobat 9, and other Adobe products (including Photoshop CS3, PhotoShop Lightroom, Freehand MX, Fireworks) provide Flash support independent of Flash Player. As of 2009-07-22, Adobe Reader 9.1.2 includes Flash 9.0.155.0, which is likely vulnerable to issues addressed by Flash 9.0.159.0.

This is a very serious vulnerability for which there is currently no patch. It allows an attacker to run malicious code on an affected system. We are systematically disabling the flash component as the temporary fix as we don’t like the provided workaround of deleting, renaming, or removing access to the authplay.dll component which will crash the component.

Adobe is expected to publish a fix on July 30th, which we’ll post here.
Aside from applying patches yourself, we are able to protect you and your organization from 0-day exploits such as this one with our Managed Host Intrusion Prevention system. We’ve been monitoring the exploit for about 2  weeks as it was being stopped cold by the system.  With the help of the system we are able to pick up malicious behavior and lock the exploits down before any patches or mentions show up. Shoot us an email for more info.

Stay tuned

Useful links:

http://www.kb.cert.org/vuls/id/259425

http://www.adobe.com/support/security/advisories/apsa09-03.html