Just a heads up for all of you who have been anxiously waiting in your fallout shelters for Adobe to patch that nasty zero-day exploit. Adobe has announced that tomorrow it will be dishing out an update that should resolve the matter where Flash is concerned. As for Acrobat and Reader, the two other Adobe products that are vulnerable, both will have their quarterly security date bumped up by two weeks meaning that this whole mess should be resolved by the 29th of June.

[Via Engadget]

Read

Yesterday, Adobe announced that a zero-day exploit exists in Flash 10.0.45.2 and earlier, as well as Adobe Reader and Acrobat 9.x. The company website explains:

…(CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

The zero-day exploit, without question, is the mother of all vulnerabilities. A recent report put the black market price tag of a good zero-day exploit — on that can be widely distributed — at just north of $50,000. Governments and private security firms have been rumored to pay more than quadruple that figure on the “white market” if the vulnerability is severe enough. We’ve got the complete security bulletin, with mitigation instructions, queued up for you after the bounce.

Release date: June 4, 2010

Vulnerability identifier: APSA10-01

CVE number: CVE-2010-1297

Platform: All

Summary

A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix.

Affected software versions

Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX

Note:
The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/technologies/flashplayer10/ does not appear to be vulnerable.
Adobe Reader and Acrobat 8.x are confirmed not vulnerable.

Mitigations

Adobe Flash Player
The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/technologies/flashplayer10/ does not appear to be vulnerable.

Adobe Reader and Acrobat
Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content.

The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.

Severity rating

Adobe categorizes this as a critical issue.

Details

A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/technologies/flashplayer10/ does not appear to be vulnerable.

Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Mitigation is available for Adobe Reader and Acrobat 9.x customers as detailed above.

Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date.

This advisory will be updated once a schedule has been determined for releasing a fix. Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.

Read

In an economic climate such as the one we’re currently experiencing, we’re sure that Sun Microsystems is wishing they could say, “No takesies-backsies!” For the past few weeks, it seemed like everyone was on the edge of their seat waiting to see what would happen with IBM’s offer Sun. On Sunday, everything came to a halt when IBM withdrew a hefty $7.5 billion bid for the computer and software manufacturer. Sun became apparently picky when the sum ($9.40 per share instead of the $9.55 offer from the prior week) and details of the negotiations didn’t quite meet their tastes. Now the company could be facing a rough future if IBM can’t find a way to please and purchase it.  In the meantime, Sun’s stock prices could continue to drop as they further their quest to find a buyer.

Read