Zero-day vulnerability in Adobe Reader

Discussion in 'other security issues & news' started by ronjor, Feb 13, 2013.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  2. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  3. DrBenGolfing

    DrBenGolfing Registered Member

    Joined:
    Nov 29, 2012
    Posts:
    251
    Location:
    Hometown of Van Cliburn
    Does this work on Foxit or the built-in reader in Chrome and Firefox?
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    http://www.adobe.com/support/security/advisories/apsa13-02.html
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    http://arstechnica.com/security/201...r-critical-zero-day-exploit-not-on-by-default
     
  6. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Thanks Ron!
     
  7. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Adobe confirms targeted attacks due to security hole in Reader

    Cybercriminals have already taken advantage of the latest security hole in Adobe Reader and Acrobat.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I suggest using protected view and EMET. Based on a very quick look (busy) I'd say EMET would stop this.
     
  9. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Adobe didn't tell us to disable AdobeARM from MSCONFIG. :ouch:

    Please ask a Mod or an Expert if you are unsure | uncomfortable performing the above action.
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  11. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Thx Ron, then I know when to make an update as I update manually :thumb:
     
  12. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    As recommended here.

     
  13. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    http://blogs.adobe.com/psirt/2013/0...y-for-adobe-reader-and-acrobat-apsa13-02.html

     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    EMET 3.5 will prevent this exploit at multiple steps. I would suggest using it.
     
  15. Syobon

    Syobon Registered Member

    Joined:
    Dec 27, 2009
    Posts:
    469
    yep
    https://twitter.com/msftsecresponse

    even 3.0 will do.
     
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  17. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  18. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,175
    Location:
    USA
  19. Syobon

    Syobon Registered Member

    Joined:
    Dec 27, 2009
    Posts:
    469
  20. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    EMET is a neat little tool to have or exploit shield.IMO I think everyone should at least one of them on board,Especially having reader,Flash,Java etc.
     
Loading...
Thread Status:
Not open for further replies.