Antivirus VBA32 VirusBlokAda / Антивирус VBA32 ВирусБлокАда - PRODUCTS AND UPDATINGS: Zero-day Adobe bug overshadows impending Flash fix

Antivirus VBA32 VirusBlokAda / Антивирус VBA32 ВирусБлокАда / PRODUCTS AND UPDATINGS Zero-day Adobe bug overshadows impending Flash fix

rus

BUY ONLINE
DOWNLOAD
PRICING
ABOUT US
SERVICES
PRESS CENTRE
CONTACTS
CAREER

SEARCHING

PERSONAL AREA

NEWS

	03.08.2010
	Microsoft closed vulnerability in lnk-files
	More in detail

	09.04.2010
	VBA32 has received new gold...
	More in detail

	01.03.2010
	General manager of "VirusBlokAda" Ltd Bagmet Alexander Vladimirovich has been awarded with the order «THE FATHERLAND’S GLORY STAR»
	More in detail

	23.04.2009
	Updatings of Vba32 are accessible now on internal resources byfly.
	More in detail

	01.04.2009
	Action «The minimum amount of friends is five and the license can be only one»
	More in detail

Company’s news
Products and updatings
News of safety

PRODUCTS AND UPDATINGS Zero-day Adobe bug overshadows impending Flash fix

04.12.2009 Zero-day Adobe bug overshadows impending Flash fix

Fears over a reportedly unpatched flaw in Adobe Illustrator have been heightened by the release of exploit code. A zero-day flaw in the vector graphics editor means that users tricked into opening maliciously manipulated Encapsulated Postscript Files (.eps) files are liable to find themselves hacked. Successful exploitation of the unpatched flaw triggers a memory corruption bug that clears the path towards the execution of malware on vulnerable systems. Security notification firm Secunia reports that both Illustrator CS3 13.0.0 and CS4 14.0.0 are affected, adding that a published exploit works on fully patched Windows XP machines. Other versions of Illustrator may also be vulnerable. Adobe acknowledged a potential problem in at least Illustrator CS4, which it said it was investigating. Adobe is aware of a report of a potential vulnerability in Adobe Illustrator CS4 (CVE-2009-4195). We are currently investigating this issue and will have an update once we have more information. It appears that this issue would require a local user to take the action of opening a malicious .eps file in Illustrator. The software firm's delayed quarterly patch update is due next Tuesday, a date that coincides with Microsoft's Patch Tuesday release. Adobe's security response team will have their work cut out to develop and test a patch in time. Tuesday's releases from Adobe are due to include an update addressing a critical flaw in its Flash player software. The critical update for Adobe Flash Player 10.0.32.18 and earlier versions is due to be accompanied by a security fix for Adobe AIR 1.5.2, also addressing a critical vulnerability. The ubiquity of Adobe software has made it a favourite target for hacking attacks over the last year or so. Booby-trapped PDF exploits have become a particular favourite in targeted attacks. Flash exploits have also become a weapon of choice as miscreants have extended their sights beyond attacks against Internet Explorer and booby-trapped Microsoft Office document files. In response, Adobe has adopted a regular patch schedule.