Cyberattacks March 2011 – Adobe Zero Days
Malicious hackers are using rigged Microsoft Excel files to exploit a zero-day flaw in Adobe’s ubiquitous Flash Player software.
A new zero-day exploit that targets Adobe Flash Player (CVE-2011-0611). The flaw is being actively exploited in the wild in targeted attacks via Web page or Flash file (.swf). An attacker crafts a malicious Flash file (.swf) containing arbitrary code to leverage the issue and to carry out some actions on their behalf and embed it in a Microsoft Word (.doc). Embedding method is used to setup memory so the exploit has a higher chance of succeeding. The attacker distributes the Word file using means such as a seemingly legitimate email attachment to entice an unsuspecting user to open it. A successful exploit of the Flash vulnerability could crash and potentially allow the attacker to take control of the affected system.
The vulnerability affects:
– Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
– Adobe Flash Player 10.2.154.25 and earlier for Chrome users
– Adobe Flash Player 10.2.156.12 and earlier versions for Android
– The Autoplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems
Adobe recommends users of Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 10.3.181.22 (10.3.181.23 for ActiveX). Adobe recommends users of Adobe Flash Player 10.3.185.22 and earlier versions for Android update to Adobe Flash Player 10.3.185.23.
NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by this