Adobe warns of zero-day flaw in Flash, Acrobat
Adobe has issued a security advisory announcing a new zero-day vulnerability (CVE-2010-1297) that is being exploited in the wild against both Adobe Flash Player, Adobe Reader and Acrobat. The vulnerability is present in the Adobe software for platforms including Windows, Macintosh, Solaris, Linux or UNIX. Symantec Security Response has confirmed that the attack involves Trojan.Pidief.J, which is a PDF file that drops a back door onto the compromised computer if an affected product is installed. Upon analysis of an attack, it is also observed that a malicious SWF file (detected as Trojan Horse) is used in conjunction with an HTML file (detected as Downloader) to download another malware (detected as Backdoor.Trojan) from the web.
To stay protected from targeted attacks, enterprises and computer users alike should:
- Make sure operating systems and applications are updated with the latest patches
- Be cautious and not open suspicious email attachments or attachments that are not expected
- Use a complete security solution that protects against today’s threats, as well as unknown threats
- Flash Is Redefining The Way We Travel
- ITAM Aims To Reduce Software Spends Of CIOs
- Password Protected Wi-Fi Is Also Prone To Hacks: Study
- Adobe Announces Aadhaar Integration in Adobe Sign
- How To Combat Online Harassment At The Workplace
- Apple-Backed Group To Buy Toshiba Chip Biz For USD 18 Bn
- 5 Specs Of A Futuristic Office Space
- Weekly Rewind: Top 10 Stories On CXO Today (July 24-29)
- It's Time To Say Goodbye To Adobe Flash Player
- Is 3-D Drawing Going To Kill Microsoft Paint?