[funsec] Adobe 0-day in the wild
Paul Ferguson
fergdawgster at gmail.com
Fri Feb 20 12:02:34 CST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, Feb 20, 2009 at 5:37 AM, Juha-Matti Laurio
<juha-matti.laurio at netti.fi> wrote:
> In case you are not aware of the Acrobat/Adobe Reader 0-day there is more
> information at
> http://www.adobe.com/support/security/advisories/apsa09-01.html
>
> "Adobe is planning to release updates to Adobe Reader and Acrobat to
> resolve the relevant security issue. Adobe expects to make available an
> update for Adobe Reader 9 and Acrobat 9 by March 11th, 2009."
>
> But users of 8.x and older versions have to wait.
>
> There is a backdoot Trojan exploiting the issue in the wild.
>
> Note: All platforms are reportedly affected.
>
Actually, there are now _several_ exploits for this vulnerability... and
growing in number fast.
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
wj8DBQFJnvA1q1pz9mNUZTMRAtV7AKCOc1PLI31ggHQ/UIGcKm2WGkSHRwCeNp7t
zFpNuFUv1s+V3KJB0WRTXvE=
=mYY/
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the funsec
mailing list