Another Adobe Zero-Day Vulnerability

[marsmimar]

10/28/10
Adobe is rushing to fix yet another zero-day vulnerability, this time affecting versions of Flash Player, Reader, and Acrobat on Windows, Mac, Linux, and Solaris. The vulnerability, the company reports, can cause affected systems to crash and allows attackers to take control of them.

Adobe says it is working on fixes for the vulnerabilities: The update for Flash Player 10.X is expected by Nov. 9, and the update to Reader and Acrobat 9.4 and earlier 9.x versions should arrive the week of Nov. 15. In the meantime, the company offers mitigations, which amount to deleting, renaming, and/or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x.

Source: Adobe scrambles to squash another zero-day vulnerability | Malware - InfoWorld

 

[Zeplash]

Good Post

 

[Gornot]

It's times like this that I wish Silverlight was more popular :/

 

[swarfega]

Just what does zero day mean? Ive been wondering this for years.

 

[Mercurial]

IE9 + SiliverLight +HTML5 = bye2x flash!

 

[gladson1976]

Just what does zero day mean? Ive been wondering this for years.

A zero-day (or zero-hour or day zero) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer. Zero-day exploits (actual software that uses a security hole to carry out an attack) are used or shared by attackers before the developer of the target software knows about the vulnerability.

Zero-day attack - Wikipedia, the free encyclopedia

 

[marsmimar]

Just what does zero day mean? Ive been wondering this for years.

To put it another way, when a developer releases a product for general public use, the bad guys find a way to exploit it immediately leaving the developer zero days (or hours, minutes, seconds) to find a fix.