Web2Secure: Web Security Blog

We are non-funded group of security enthusiast who contributes and updates to community with latest security treats. Use and handle whatever links shared within website could be harmful to your systems with own risks. Feel free to use the contents for commercial or non-commercial purposes. We're very appreciating if using our useful information’s to your website by referring back to this original website. Donation or clicking on ads is most welcome to continue maintains costs for this website.

Friday, July 24, 2009

Zero-Day Exploit for Adobe issue

Since 0Day Exploit for Adobe was revealed particular in Adobe 9.1.2, Flash 9 and Flash 10. Security vendors are putting lots of effort to cover the detection in their respective products. The exploit arrives as a PDF file which embedded with Flash and malicious binary files. The Flash contains shellcode that allocate heaps (using heap spraying technique) of blocks in a system memory.

There have no patches solution yet for moment, however few suggestion steps been raised up to prevent or reduce the risks while surfing net.

1. Disable Flash in Adobe Reader 9 on Windows platforms by renaming the following files: “%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll” and “%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll”.

2. Disable Flash Player or selectively enable Flash content as described in the Securing Your Web Browser Document.

Reference: US-CERT

Web2Secure: Web Security Blog

Pages

Friday, July 24, 2009

Zero-Day Exploit for Adobe issue

0 comments: