Home > Security News > Sourcefire issues Adobe zero-day patch to block attacks
Security News:
EMAIL THIS

Sourcefire issues Adobe zero-day patch to block attacks

By Robert Westervelt, News Editor
24 Feb 2009 | SearchSecurity.com

Security Wire Daily News
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google

Intrusion detection and prevention vendor Sourcefire Inc. issued a patch for a critical Adobe zero-day vulnerability that is being actively exploited by attackers.
SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

In a Sourcefire Vulnerability Research Team blog posting Sunday, Lurene Grenier, a Sourcefire senior security researcher, wrote the "home brew patch" works for Adobe Reader 9. Those on Adobe 8 need to upgrade to the latest version to apply the patch.

The patch will block a malicious PDF file returning an "Insufficient data for an image," message. Grenier warned that the patch may not prevent all attacks.
Adobe zero-day flaw:
Attackers target new Adobe zero-day flaw:  Attackers are actively targeting a zero-day flaw in Adobe Acrobat Reader software, according to a warning from Symantec.

On Friday, Symantec Corp. researchers warned that hackers were attempting to exploit an Adobe zero-day buffer overflow vulnerability by spreading malicious PDF files containing the Pidief Trojan. Symantec didn't release infection rates, but said that attacks have been extremely limited in scope, targeting a few senior level executives. The first signs of it appearing in the wild were discovered in Japan.

Kevin Haley, director of product management for security response at Symantec, said researchers there were given a sample of the exploit code Feb. 12.

Adobe issued an advisory calling the zero-day flaw critical. The vendor said it plans to release a patch to address the issue by March 11.

"Adobe … recommends that users update their virus definitions and exercise caution when opening files from untrusted sources," the vendor said in its advisory to customers.

In a message to customers Adobe said disabling JavaScript provides protection against currently known attacks. "However, the vulnerability is not in the scripting engine and, therefore, disabling JavaScript does not eliminate all risk." Adobe also listed a number of security and antivirus vendors that protect agains the flaw.

Editor's note: This story was updated to report the latest protection information from Adobe.

Tags: Security Patch ManagementSecuring Productivity ApplicationsEmerging Information Security ThreatsVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google



RELATED CONTENT
Security Patch Management
Squad: Tokenization, Phishing and the Feds
Should management processes change based on a patch release schedule?
Should Windows Mobile updates come from Microsoft?
Adobe updates ColdFusion, JRun, Flex
Trusteer CEO criticizes Adobe, touts better patch deployments
Patch management study shows IT taking significant risks
Vulnerability mitigation study shows need for faster patching
Microsoft to issue security report card, new tool at Black Hat
How to manage patches for Adobe
When is it suitable to remove Java updates?

Securing Productivity Applications
Quiz: How to build secure applications
How to detect software tampering
Adobe fixes 29 flaws in Acrobat, Reader
Adobe warns of critical update for Reader, Acrobat 9.1.3
Why should we place data files on a separate partition than the OS?
Adobe updates ColdFusion, JRun, Flex
Serious Adobe Flash flaw being exploited
Adobe acknowledges serious Flash zero-day vulnerability
Adobe issues security advisory for Flash zero-day flaw
When to use the service features of the Metasploit hacking tool

Emerging Information Security Threats
Hackers to sharpen malware, malicious software in 2010
Modern malware, stealthy botnets, adapt quickly, expert says
New ransomware Trojan pushes victims to buy software
Bruce Schneier on outsourcing, awareness training
US-CERT warns of BlackBerry snooping software
Marcus Ranum on cyberwarfare, infosec careers
Researchers find thousands of flawed embedded devices
Enterprise botnets contain thousands of malware variants
Nuke and pave to eradicate botnets
Rand study urges caution on cyberwarfare attacks

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
attack vector  (SearchSecurity.com)
back door  (SearchSecurity.com)
ethical worm  (SearchSecurity.com)
Patch Tuesday  (SearchSecurity.com)
zero-day exploit  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts