Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: Adobe Acrobat 0-day vulnerability
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: Adobe Systems |
And, this specific program: Adobe Reader X 10.x |
| mtodorov | Adobe Acrobat 0-day vulnerability |
|---|---|
 |
8th Dec, 2011 08:16 |
|
Ranking: 9 Posts: 128 User Since: 20th Mar, 2009 System Score: N/A Location: HR |
Hi, all! Since PSI reports this vulnerability also under "Secure Browsing" tab, are my fears of a drive-by install through Adobe Reader browser plugin exaggerated? Thanks. mt -- "If a task is worth doing, it is worth doing right. If it is not worth doing well, it is not worth doing." -- Dr. Jack Hyles <>< |
| Maurice Joyce | RE: Adobe Acrobat 0-day vulnerability | ||||||||
|
8th Dec, 2011 09:38 | ||||||||
| Score: 10495 Posts: 8,057 User Since: 4th Jan 2009 System Score: 100% Location: UK |
This is worth a read & the hyperlinks within the bulletin. http://krebsonsecurity.com/2011/12/attackers-hit-n... U can also join his blog & ask further questions or sign up to his RSS feed for updated information. -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| mtodorov | RE: Adobe Acrobat 0-day vulnerability | ||||||||
|
|
8th Dec, 2011 10:40 | ||||||||
| Score: 9 Posts: 128 User Since: 20th Mar 2009 System Score: N/A Location: HR |
Good to hear from you, Maurice :-) Thx for the link. I will study it. mt -- "If a task is worth doing, it is worth doing right. If it is not worth doing well, it is not worth doing." -- Dr. Jack Hyles <>< |
||||||||
|
|||||||||
| mtodorov | RE: Adobe Acrobat 0-day vulnerability | ||||||||
|
|
8th Dec, 2011 11:00 | ||||||||
| Score: 9 Posts: 128 User Since: 20th Mar 2009 System Score: N/A Location: HR |
Yes, it is so much Big Software to leave the 0-day hole unpatched until next quarterly security update on Jan, 10 just like last MS 0-day hole still awaits patch Tuesday. I don't say that some of my systems were broken because of it, but it makes coffee taste acid bitter tasteless in my mouth. -- "If a task is worth doing, it is worth doing right. If it is not worth doing well, it is not worth doing." -- Dr. Jack Hyles <>< |
||||||||
|
|||||||||
| Maurice Joyce | RE: Adobe Acrobat 0-day vulnerability | ||||||||
|
|
9th Dec, 2011 10:45 | ||||||||
| Score: 10495 Posts: 8,057 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Another little Adobe gem here for U to mull over! http://secunia.com/advisories/product/38260/ -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| Anthony Wells | RE: Adobe Acrobat 0-day vulnerability | ||||||||
|
9th Dec, 2011 11:57 | ||||||||
| Score: 2324 Posts: 3,203 User Since: 19th Dec 2007 System Score: N/A Location: N/A Last edited on 9th Dec, 2011 12:01 |
Hi mt , Rather busy atm , but your concern about patching or "lack of" prompts me to mention "sandboxing" which is the basis behind Adobe ReaderX protected mode ; Google use it in their Chrome browser to reduce/minimise the access to your PC by the bad guys through "unpatched/vulnerable" Flash . I myself am a long time user of "Sandboxie" with much success , even if it is not for everyone . Have a look here (Chrome is mentioned) :- http://en.wikipedia.org/wiki/Sandbox_(computer_security and here for Ian (Gizmo) Richards' excellent detailed advice :- http://www.techsupportalert.com/safe-surfing.php Not all sandboxes do the same thing :eg: that in Comodo's Firewall/Defense+ does a slightly different job . Happy reading . Take lots of care . Anthony EDIT***: the link goes to the main ref page , cannot get it to show "computer security :(( so scroll down to the specific ref . -- It always seems impossible until its done. Nelson Mandela |
||||||||
|
|||||||||
