LandzDown Forum

Security => Security Alerts & Briefings => Topic started by: Eric the Red on March 14, 2011, 07:46:05 PM

Title: Adobe - Zero day vulnerability
Post by: Eric the Red on March 14, 2011, 07:46:05 PM
Adobe have released details of a vulnerability that is currently being exploited and for which there is currently no fix:

Quote
This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

Please refer to the advisory for full details

http://www.adobe.com/support/security/advisories/apsa11-01.html