Adobe Patch Fails to Fix Critical Flaw

According to the Vietnam-based security firm Bach Khoa Internetwork Security (BKIS), the out-of-cycle security patch for Adobe Acrobat and Reader released on June 29, 2010 hasn't been able to fix a problem that allows hackers to execute malicious code.

The update, version 9.3.3 of the PDF applications, was developed to plug several holes. One of them is related to the Launch message window, which can encourage an end-user to open an .exe file. Didier Stevens, a security researcher from Belgium who informed Adobe about the security hole in March 2010, blogged emphatically soon after the patch's publication that experts had repaired the problem.

However, BKIS claims that the update hasn't fully fixed the hole, which the Vietnamese antivirus firm said viruses were exploiting in online attacks. Le Manh Tung, a senior security researcher at BKIS, wrote on the company's blog that it was still possible to circumvent the fix, as reported by ZDNet on July 2, 2010.

The researcher commented that it was unfortunate that the security update wasn't working properly, as reported by SCMagazine on July 2, 2010.

Tung further stated that he could circumvent the fix via a small modification of the exploit that targeted any computer. On July 1, 2010, Tung published a proof-of-concept of the attack to confirm it.

Meanwhile, Adobe highlighted that it had been able to somewhat repair the problem with the help of an attachment blacklist functionality that stops the default launch of .exe files or other malware.

When a file containing malicious code is opened, an alert message pops up telling the user that the file may be malicious and asking whether or not to continue.

Moreover, system administrators can edit the attachment blacklist that exists by default in Adobe Acrobat and Reader 8.2.3 and 9.3.3 by changing the Windows registry configuration.

Brad Arkin, Director of Product Security and Privacy at Adobe Systems, stated that the new security patch didn't have an accurate solution for the /Launch vulnerability, as reported by ChannelWeb on July 2, 2010.
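A defender's triage check for the /Launch action named above, as an added example that is not from the article, BKIS or Adobe: it scans raw PDF bytes for Launch actions after normalising `#xx`-escaped names, which a plain string search would miss. The function names and sample fragments are constructed for illustration, and the check does not look inside compressed object streams.

```python
import re

# PDF name tokens may hex-escape any character as #xx (e.g. /L#61unch),
# so names are normalised before matching.
_NAME = re.compile(rb"/[^\s/\[\]<>(){}%]+")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")
# Action dictionaries declare their type as /S /Launch.
_LAUNCH = re.compile(rb"/S\s*/Launch(?![A-Za-z0-9])")
# File to launch, given as a literal string: /F (name)
_TARGET = re.compile(rb"/F\s*\(((?:\\.|[^\\)])*)\)")

def normalise_names(data: bytes) -> bytes:
    """Decode #xx escapes inside every name token."""
    def unescape(m):
        return _HEX.sub(lambda h: bytes([int(h.group(1), 16)]), m.group(0))
    return _NAME.sub(unescape, data)

def find_launch_actions(data: bytes, window: int = 300) -> list:
    """Return one record per Launch action found in the raw bytes.

    Offsets refer to the normalised data. The target is taken from the
    nearest /F string in the surrounding window, so treat it as a hint.
    """
    norm = normalise_names(data)
    hits = []
    for m in _LAUNCH.finditer(norm):
        ctx = norm[max(0, m.start() - window): m.end() + window]
        target = _TARGET.search(ctx)
        hits.append({
            "offset": m.start(),
            "win_params": b"/Win" in ctx,  # Windows-specific launch parameters
            "target": target.group(1).decode("latin-1") if target else None,
        })
    return hits

# Constructed sample fragments (not taken from any real document).
SAMPLE_PLAIN = b"1 0 obj\n<< /Type /Action /S /Launch /Win << /F (example.exe) >> >>\nendobj\n"
SAMPLE_ESCAPED = b"1 0 obj\n<< /Type /Action /S /L#61unch /Win << /F (example.exe) >> >>\nendobj\n"
SAMPLE_BENIGN = b"1 0 obj\n<< /Type /Action /S /URI /URI (https://example.com/) >>\nendobj\n"

if __name__ == "__main__":
    for label, blob in [("plain", SAMPLE_PLAIN), ("escaped", SAMPLE_ESCAPED),
                        ("benign", SAMPLE_BENIGN)]:
        print(label, find_launch_actions(blob))
```

A hit is a reason to quarantine or inspect the file at a mail or web gateway rather than proof of malice, since Launch actions also have legitimate uses.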

Related article: Adobe Rates Acrobat Vulnerabilities “Critical”

» SPAMfighter News - 7/13/2010
