So far Adobe has only addressed these exploits for version 9.x of its Reader and Acrobat products for Windows fixes for the other versions are due in about a month's time. While Intevydis has so far shown the exploit on Windows machines, apparently it works in OS X as well. Apparently the vulnerability bypasses antiexploitation features in Windows such as DEP and ASLR, and can get around the Internet Explorer sandbox (there is no information on how other browsers handle the issue). Now two similar vulnerabilities have been found in Adobe's Flash Player, which likewise could result in arbitrary code being executed on the system.Ĭomputerworld is reporting that the flaws, for which advisories have been issued by US-CERT, were discovered by Intevydis, a Russian vulnerability research company. So far only attacks on Windows machines have been found, but Mac systems could be affected as well. Recently a vulnerability was found in both Mac and Windows versions of Adobe's Acrobat and Reader products that could allow an attacker to crash the programs and gain control of the system. When it comes to malware exploits, Adobe's Flash and PDF software can't seem to catch a break recently.
0 Comments
Leave a Reply. |