Camy Posted June 9, 2010 Report Share Posted June 9, 2010 Adobe has acknowledged a "critical" security flaw in its Reader, Acrobat and Flash Player software.Adobe says the vulnerability potentially enables hackers to take control of affected computer systems. Users running Windows, Macintosh or Linux might all be open to attack. The company is working to fix the problem. In the meantime, users of Reader, Acrobat and Flash are advised to ensure their anti-virus software is up to date. "It doesn't really get any worse than a 'zero-day' vulnerability like this," said Graham Cluley, senior technology consultant at Sophos, a security software company. He said that hackers could create a "booby-trapped Flash animation, or PDF" that would give them access to a person's computer, potentially allowing them to harvest personal information or use the machine to send spam messages. Affected software * Adobe Flash Player 10.0.45.2 and earlier 10.0.x versions for Win, Mac, Linux and Solaris * Adobe Flash Player 9.0.262 and earlier 9.0.x versions for Win, Mac, Linux and Solaris * Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Win, Mac and UNIX * Adobe Flash Player 10.1 Release Candidate does not appear to be vulnerable * Adobe Reader and Acrobat 8.x are confirmed not vulnerable Source: Adobe Read the full story Read Adobe Security Advisory Be warned, this is not just a windoze problem. If affects Macs and Unix/Linux boxes too. I'll bet Steve Jobs is chortling over his frothy double skinny latte! Link to comment
Cole Parker Posted June 9, 2010 Report Share Posted June 9, 2010 Read the full storyRead Adobe Security Advisory Be warned, this is not just a windoze problem. If affects Macs and Unix/Linux boxes too. I'll bet Steve Jobs is chortling over his frothy double skinny latte! So am I safe as long as I don't open any .pdf files? C Link to comment
JamesSavik Posted June 9, 2010 Report Share Posted June 9, 2010 Awe jeez what a mess. It's bigger than that. So many websites are running flash that it will be difficult to avoid it. Link to comment
DesDownunder Posted June 9, 2010 Report Share Posted June 9, 2010 MS just released 7 updates for Windows. May or may not help. Link to comment
Camy Posted June 9, 2010 Author Report Share Posted June 9, 2010 There are fixes in the Adobe Security Advisor. They're both resonably easy to follow. As James pointed out it's hard to avoid flash if you're online, so sort that out if you can: Download flash uninstaller: http://download.macromedia.com/pub/labs/fl..._win_060210.exe Download flash version 10.1: http://download.macromedia.com/pub/labs/fl...ugin_060210.exe Close your browser, then run the uninstaller - this will remove the version of flash you are presently running. Then run the second file which installs flash version 10.1 which is safe. I did this earlier and all is well. I haven't turned into a botnet ... not that I'd know if I did. The instructions for sorting out acrobat are quite easy. It requires re-naming one file and the instructions are in the Adobe Security Advisor. Remember that the above info is given in good faith and worked for me. BUT! Caveat Emptor. Camy Link to comment
colinian Posted June 11, 2010 Report Share Posted June 11, 2010 Read the full storyRead Adobe Security Advisory Be warned, this is not just a windoze problem. If affects Macs and Unix/Linux boxes too. Here's the full story as of June 10, 2010: Adobe has released a product update to Adobe Flash Player to resolve the relevant security issue. For more information, please refer to Security Bulletin APSB10-14.We expect to provide an update for Adobe Reader and Acrobat 9.3.2 for Windows, Macintosh and UNIX by June 29, 2010. Please note that the Acrobat and Reader update represents an accelerated release of the next quarterly security update originally scheduled for July 13, 2010. With this accelerated scheduled we do not plan to release any new updates for Adobe Reader and Acrobat on July 13, 2010. Colin Link to comment
TracyMN Posted June 11, 2010 Report Share Posted June 11, 2010 Well, I'm sufficiently petrified. And I got at least 2 of these demons on my system.. I'mma shut her down until I get home from work, and can walk off the cliff that doing anything with files is for me. I know what adobe reader does. And vaguely that flash players are for games and maybe animation of all kinds? What's adobe air? Camy your links look really, really friendly. Adobe security advisor, not so much. Gotta pony-up for this one. Thanks all, I wouldn't hear about it anywhere else. Tracy Link to comment
The Pecman Posted June 11, 2010 Report Share Posted June 11, 2010 Haven't heard of any of these problems on... that "other" operating system. Link to comment
Cole Parker Posted June 11, 2010 Report Share Posted June 11, 2010 Will my AVG security catch any intrusions, even those made through the Adobe hole? C Link to comment
The Pecman Posted June 11, 2010 Report Share Posted June 11, 2010 There's a chance AVG will not catch it. Get the new Flash at this link: http://www.adobe.com/products/flashplayer/ Adobe is having a bad year... Link to comment
DesDownunder Posted June 11, 2010 Report Share Posted June 11, 2010 There's a chance AVG will not catch it. Get the new Flash at this link:http://www.adobe.com/products/flashplayer/ Adobe is having a bad year... So what are you saying? Adobe is using Windows 7? Link to comment
TracyMN Posted June 11, 2010 Report Share Posted June 11, 2010 So am I safe as long as I don't open any .pdf files? And the evil twin, of course, am I screwed if I did? OK, you knew it was coming, here's my question: If I have to close my browser, how do I get the links? Hehe, that was what i'd ask last year, but today I think maybe I open the links first, close the browser, and give a go to the uninstaller, and when that's done, give a go to the other one. Laugh all you want, but do correct me if i'm wrong. Forget what it is, Do I need Adobe AIR? Tracy Link to comment
colinian Posted June 12, 2010 Report Share Posted June 12, 2010 Will my AVG security catch any intrusions, even those made through the Adobe hole?C Cole, The answer to your question is yes, as long as you install the patch to Adobe Acrobat Reader and keep your AVG virus definitions up to date. A link to the Acrobat Reader patch (if you haven't already installed it) should pop up when you manually start Acrobat Reader. If you have any of the other Adobe programs listed you should be careful and make sure you have a fully updated anti-virus program. Colin Link to comment
Cole Parker Posted June 12, 2010 Report Share Posted June 12, 2010 Cole,The answer to your question is yes, as long as you install the patch to Adobe Acrobat Reader and keep your AVG virus definitions up to date. A link to the Acrobat Reader patch (if you haven't already installed it) should pop up when you manually start Acrobat Reader. If you have any of the other Adobe programs listed you should be careful and make sure you have a fully updated anti-virus program. Colin ::SIGH!:: My anti-virus program updates and upgrades itself daily. But I have no idea what patch you're referring to, or how to install it! Am I supposed to know this? Maybe I should ask Tracy for advice? C Link to comment
E.J. Posted June 12, 2010 Report Share Posted June 12, 2010 What version of reader do you have? If you are running version 8 or older, you shouldn't have to worry. From Adobe (for what it's worth) : Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Link to comment
Cole Parker Posted June 12, 2010 Report Share Posted June 12, 2010 Adobe Reader 9.3 C Link to comment
TracyMN Posted June 12, 2010 Report Share Posted June 12, 2010 Maybe I should ask Tracy for advice? Or maybe I could just submit my questions for you to ask. Tracy Link to comment
dude Posted June 13, 2010 Report Share Posted June 13, 2010 I just used the uninstall and reinstall links Camy provided. Took less than a minute to accomplish... thanks Camy! Link to comment
TracyMN Posted June 13, 2010 Report Share Posted June 13, 2010 How do you make the links available and still close the browser? Tracy Link to comment
Camy Posted June 13, 2010 Author Report Share Posted June 13, 2010 How do you make the links available and still close the browser? Tracy Tracy, you don't have to have the links available. Download the uninstaller and the installer, then close the browser and run then. Camy Link to comment
TracyMN Posted June 13, 2010 Report Share Posted June 13, 2010 Well, I get it now. Thank you Camy. What? Somebody thought this was an act? Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now