Patch Schedule Announced for Actively Exploited Adobe Reader Vulner...

    Patch Schedule Announced for Actively Exploited Adobe Reader Vulner...


    Posted: 14 Sep 2010

    Patch Schedule Announced for Actively Exploited Adobe Reader Vulnerability


    Adobe plans to ship a fix for the actively exploited critical vulnerability in Adobe Reader and Acrobat during the week of October 4.

    The remote code execution flaw, identified as CVE-2010-2883, was confirmed by Adobe last Wednesday after being spotted in attacks infecting users with malware.

    The exploit employs advanced techniques such as return-oriented programming, which defeat ASLR and DEP protection in Windows Vista and 7.

    In addition, the the payload involves dropping a piece of malware that was digitally signed with a valid certificate stolen from a US-based credit union.

    "We are in the process of finalizing a fix for the issue and expect to provide updates for Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 for Windows and Macintosh during the week of October 4, 2010," Adobe says in the associated advisory.

    This represents an accelerated release of the quarterly update originally scheduled for October 12 and will also address a separate critical vulnerability affecting the Adobe Reader Flash interpreter (authplay.dll).

    This second vulnerability (CVE-2010-2884) is also being exploited at the moment to infect computers and will be fixed in Flash Player in around two weeks.
    More -
    Patch Schedule Announced for Actively Exploited Adobe Reader Vulnerability - Softpedia
    Posted By: JMH
    14 Sep 2010



  1. Lee
    Posts : 1,796
    Win 7 Pro x64, VM Win XP, Win7 Pro Sandbox, Kubuntu 11
       #1

    Thanks for the info. . .
      My Computer


  2. Posts : 1,965
    win 7 X64 Ultimate SP1
       #2

    Reader


    I uninstalled the reader the last time this happened. Also I was disappointed in the way they tried to involve third parties in it's use. But Flash has me concerned. I wish MS would work on getting Silverlight accepted by the majority of users.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:40.
Find Us