Adobe released today the APSA10-05 advisory, which describes a 0-day vulnerability that can be exploited remotely in Adobe Flash Player, Adobe Reader and Acrobat. Adobe says it hopes to have an update available by the week of Nov 15.

The following are the mitigation measures recommended by Adobe:

Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains Flash (SWF) content.

The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.

1) Go to the Applications->Adobe Reader 9 folder.
4) Go to the Contents->Frameworks folder.
5) Delete or move the AuthPlayLib.bundle file.

1) Go to the Applications->Adobe Acrobat 9 Pro folder.

1) Go to installation location of Reader (typically a folder named Adobe).
2) Within it browse to Reader9/Reader/intellinux/lib/ (for Linux) or Reader9/Reader/intelsolaris/lib/ (for Solaris).
3) Remove the library named "libauthplay.so.0.0.0".

Manuel Humberto Santander Peláez | msantand at isc dot sans dot org

* Both Adobe Reader and Flash are vulnerable. Adobe Reader has an embedded Flash engine so that Flash content can be embedded in PDF files. Reader does not call Flash - the embedded Flash engine in Reader is independent of the Flash plugin for the browser.
* Based on the Adobe bulletin, Adobe is aware of current exploits in the wild against Reader through the PDF vector. Adobe isn't aware of exploits against Flash, although the absence of evidence is not evidence of absence!
* It is relatively easy to defend against the PDF vector by disabling access to authplay.dll (safest, IMHO, is to deny Everyone full control on the file, but keep in mind that reversing this can require taking ownership of the file, because only the owner can modify permissions on a file to which everyone is blocked). This also prevents the use of Flash in PDF files, but that isn't that widely used.
* Defending against the Flash vector requires uninstalling Flash, which would break a number of websites.
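
An added example (not from the Adobe advisory or the original post): a Python check that walks installation folders for the three component names listed above and reports whether each one is still readable, which confirms that the delete, rename or deny-access mitigation actually took effect. The function names and the sample directory tree are constructed for illustration; run it as an ordinary user, since a privileged account such as root may still be able to read a file that is blocked for everyone else.

```python
import os
import tempfile

# Component names taken from the mitigation text above, compared case-insensitively.
AUTHPLAY_NAMES = {"authplay.dll", "authplaylib.bundle", "libauthplay.so.0.0.0"}

def is_loadable(path):
    """Return True if the current user can still read the component."""
    try:
        if os.path.isdir(path):           # AuthPlayLib.bundle is a directory (macOS bundle)
            os.listdir(path)
        else:
            with open(path, "rb"):
                pass
        return True
    except OSError:                        # access denied means the mitigation holds
        return False

def find_authplay(roots):
    """Walk each root and return sorted (path, loadable) pairs for every component found."""
    hits = []
    for root in roots:
        for dirpath, dirnames, filenames in os.walk(root):
            for name in list(dirnames) + filenames:
                if name.lower() in AUTHPLAY_NAMES:
                    full = os.path.join(dirpath, name)
                    hits.append((full, is_loadable(full)))
    return sorted(hits)

def demo():
    """Constructed sample tree: one unmitigated Linux install, one renamed Windows DLL."""
    with tempfile.TemporaryDirectory() as top:
        lib = os.path.join(top, "Adobe", "Reader9", "Reader", "intellinux", "lib")
        win = os.path.join(top, "Reader 9.0", "Reader")
        os.makedirs(lib)
        os.makedirs(win)
        open(os.path.join(lib, "libauthplay.so.0.0.0"), "wb").close()
        open(os.path.join(win, "authplay.dll.disabled"), "wb").close()  # renamed, so mitigated
        return [(os.path.relpath(p, top), ok) for p, ok in find_authplay([top])]

if __name__ == "__main__":
    for path, loadable in demo():
        print(("STILL LOADABLE  " if loadable else "blocked         ") + path)
```

On a real host, pass the Reader and Acrobat installation folders to `find_authplay`; an empty result or only blocked entries means the component can no longer be loaded.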