Adobe

Adobe posted a vulnerability report warning that vulnerabilities in Adobe Reader and Acrobat XI (11.0.1) and earlier versions are being exploited in the wild. Adobe is currently investigating this issue. According to the FireEye blog posted earlier today, the malicious file arrives as a PDF file. Upon successful exploitation of the vulnerabilities, two malicious DLL files are dropped. Symantec detects the malicious PDF file as Trojan.Pidief and the two dropped DLL files as Trojan Horse. ...

h-Online: On the same day as Microsoft’s September Patch Tuesday, Adobe released an update for ColdFusion to close a security hole in its rapid web application development software. The hotfix for ColdFusion addresses a vulnerability (CVE-2012-2048), which the company rates as important, that could be exploited by a remote attacker to cause a denial-of-service (DoS) condition. According to Adobe, the unspecified error affects versions 8.0, 8.0.1, 9.0 to 9.0.2, and 10 of ColdFusion for Windows, Mac OS X and UNIX. Installing the provided hotfix corrects the problem; download links and installation instructions for each affected version are provided on the APSB12-21 technote page. All users are advised to download and apply the hotfix. Adobe credits UK developer David Boyer for finding and reporting the problem. ...

h-online: Microsoft has confirmed that it will deliver a security update for the bundled version of Flash Player used by Internet Explorer 10 (IE10) sooner than previously planned. In a statement sent to ZDNet, Yunsun Wee, Trustworthy Computing Director at Microsoft, said that the company is working closely with Adobe on an updated version of the Flash plugin which “will be available shortly”. The forthcoming Windows 8 comes with Internet Explorer 10, which, in turn, includes its own version of Flash Player. This arrangement relies on Microsoft’s automatic updates system, Windows Update, for updating the version of Flash included in the web browser. ...

h-Online: Adobe has released the second update for its Flash Player software in a week, this time for six critical vulnerabilities. Four of the issues addressed are problems with memory corruption that could lead to remote code execution; additionally, the update fixes an integer overflow vulnerability that could also lead to remote code execution. Another bug that was fixed is a cross-domain information leak. The problems exist in Flash Player 11.3.300.271 and earlier versions on Windows, Macintosh and Linux, and in the Android versions 11.1.115.11 (Android 4.0) and 11.1.111.10 (Android 3.x and 2.x) and earlier. ...

Adobe wrote: Today, Flash Player 11.3.300.270 for Windows was released to address a crash that was occurring in the Adobe Flash Player Update Service (FlashPlayerUpdateService.exe). There are no other fixes or changes provided with this build. This release is available for Windows only, and affects the Active X and Plug-in installers, uninstaller, and msi’s (available on the distribution page.) No other platforms are affected. Please be aware that this release is not available from the Product Download Center (http://get.adobe.com/flashplayer) which will continue to provide 11.3.300.268. We realize that this might cause confusion for some users. Due to the severity of this issue, we decided to make this build available immediately to help customers affected by this bug. Due to logistical issues and time constraints, we were unable to update the release on the Product Download Center. The next release of Flash Player will correct this disparity. Please note that unless you have been affected by the FlashPlayerUpdateService.exe crash, both 11.3.300.270 and 11.3.300.268 will be functionally identical. ...

Adobe Reader X runs in a sandbox at a very restricted privilege level. Important system calls are supposed to be handled by a special broker process that will subject them to extensive testing. However, a small design flaw allows attackers to escape from this sandbox and execute arbitrary code – despite having both ASLR (Address Space Layout Randomisation) and DEP (Data Execution Prevention). As described by Guillaume Delugré, the broker process is at the heart of the exploit as it uses a memory page allocated via VirtualAllocEx to store the overwritten code of system calls which have been redirected to the broker. Despite having ASLR, however, the memory address returned by VirtualAllocEx is not randomised. This means that the Windows system function call will end up in a predictable, “nearly constant” location which the exploit can then access directly. ...

Adobe has released an updated version of its proprietary Flash Player 11.3 plugin to address a bug that caused Firefox 13 on Windows to crash for some users. The problem is believed to have been related to the recently introduced Protected Mode for the Windows version of Flash Player and the open source web browser; the new mode is designed to isolate the plugin from the rest of the system by running it in its own sandbox. ...

The H-Online: Adobe has announced the release of an update for Flash Player on Windows, Mac, Linux, Android 3.x and 4.x, and within its own AIR runtime. The update addresses several critical vulnerabilities which involve memory corruption, stack overflows, integer overflows, security being bypassed, null dereferencing and binary planting (DLL hijacking). All, except the security bypass, could lead to code execution. The updates also include a number of security enhancements on various platforms. The Windows version of Flash Player now offers a production version of “Flash Player Protected Mode for Firefox” which brings a sandbox to the running of Flash, making it harder for attackers to get at other processes. ...

The H-Online: Adobe has released a security advisory relating to an object confusion vulnerability which allows an attacker to crash the player or take control of an affected system. Adobe says that there are reports of this vulnerability being exploited in the wild as part of targeted email-based attacks which trick the user into clicking on a malicious file; this exploit only targets Flash Player on Internet Explorer on Windows, though the vulnerability exists on Windows, Mac OS X, Linux and Android versions of the player. ...

Cross-posted from BetaNews.com: Adobe took the wraps off Creative Suite 6 on Monday, introducing the largest release to date of the content-creation platform. CS6 now includes up to 12 programs and two companion applications, Bridge and Encore, and is available in four editions: Design Standard, Design and Web Premium, Production Premium, and Master Collection. The CS6 beta is one of the most successful in the company’s history, with one million downloads over the past month of availability alone, a record for Adobe. The move was slightly unusual considering the company typically does not offer large-scale betas of its products. ...