KrebsOnSecurity.com reports Adobe Systems Inc. warned late Friday that malicious hackers are exploiting a previously unknown security hole present in current versions of its Adobe Reader, Acrobat and Flash Player software. ... “There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player and Adobe Reader and Acrobat,” the company said in a brief blog post published Friday evening. “This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.” ... Krebs writes "Adobe said the vulnerability exists in Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and a component (authplay.dll) of Adobe Reader and Acrobat versions 9.x for Windows, Mac and UNIX operating systems."
Like all Zero-Day exploits, these have a higher than acceptable likelihood of getting past anti-malware products. That's why we recommend that management seriously consider using advanced intrusion prevention solutions capable of blocking zero-day attacks.
Citadel Information Group
Information Security Management for Business and the Not-for-Profit Community
www.citadel-information.com
Delivering Information Peace of Mind ®
www.citadel-information.com
Delivering Information Peace of Mind ®
Posts
Search This Blog
Index of Topics
- Business at risk (115)
- Citadel in the news (7)
- Citadel Information Security Guides (8)
- Citadel: Guide to Blog (1)
- Citadel: Thinking about Security (10)
- Cloud Security (2)
- Consumers at risk (13)
- Credit card fraud (14)
- Culture Change (1)
- Financial systems security (67)
- Healthcare (7)
- Identity theft (30)
- Insurance (1)
- Internet badlands (113)
- ISSA-LA (2)
- Law Firms (2)
- Legal (23)
- Miscellany (6)
- national security (46)
- Not-for-Profit (5)
- Privacy (27)
- Ray of Sunshine (15)
- School security (3)
- Security Alert: Vulnerability Management (74)
- Security management (24)
- Security Research (5)
- Security Surveys (13)
- Social Engineering (1)
- Social networks (13)
Blog Archive
-
►
2011
(2)
- ► January 2011 (2)
-
▼
2010
(237)
- ► December 2010 (6)
- ► November 2010 (9)
- ► October 2010 (7)
- ► September 2010 (8)
- ► August 2010 (13)
-
▼
June 2010
(13)
- New CyberSecurity Study says "Most senior execs un...
- Security Updates for Adobe Acrobat, Reader
- White House Unveils National Strategy for Online I...
- Computing Now's Gary McGraw interviews Richard Clarke
- Security Updates for Firefox, Opera Browsers
- Security Risk: Time to Move Off Windows XP SP2
- California Court Knowingly Exposes Confidential Da...
- Free WiFi at Starbucks — Reminder of Cybersecurity...
- "CyberWar: Sabotaging the System" on CBS 60 Minutes
- e-Banking Bandits Target Title and Escrow Companies
- Adobe Flash Update Plugs 32 Security Holes
- Microsoft, Apple Ship Big Security Updates
- Adobe Warns of Critical Zero-Day Flaw in Flash, Ac...
- ► April 2010 (39)
- ► March 2010 (65)
- ► February 2010 (38)
- ► January 2010 (27)
-
►
2009
(83)
- ► December 2009 (17)
- ► November 2009 (7)
- ► October 2009 (9)
- ► September 2009 (22)
- ► August 2009 (17)
- ► February 2009 (1)
Information Security Links
- Citadel Information Group
- Google Online Security Blog
- Information Systems Security Association
- Information Systems Security Association - LA Chapter
- InfraGard - Los Angeles
- Krebs on Security
- Microsoft Malware Protection Center
- MITRE CVE
- NIST Computer Security Resource Center
- Open Web Application Security Project (OWASP)
- Privacy Rights Clearinghouse
- SANS Internet Strom Center
- US CERT
Disclaimer
Citadel provides this blog as a public service to the community. We make no claim or representation that items posted on this blog are correct. We post "Security Alerts" primarily to assist readers manage security vulnerabilities on their personal home computers; these alerts are NOT comprehensive and are not to be relied upon as such.
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com