10:31 The products adobe vulnerability again under attack flash reader / acrobat | |
A few hours ago portal Secunia announced the discovery of zero-day vulnerabilities in Adobe Flash (because it came under attack, for example, Google Chrome c integrated module) and Adobe Reader / Acrobat. Details under the cut and first emergency assistanceAdobe Flash PlayerVulnerability discovered in the latest version of Flash Player 10.1.85.3 on Linux, Mac OS X, Solaris and Windows. As well as the vulnerability of Flash Player 10.1.95.2 for Android. What causes the error - it is not clear, but with its help an attacker could remotely execute arbitrary code. Neither Adobe, nor Secunia found no crutches for a temporary defense against a hole with an ultra-high-risk, besides the standard "do not visit malicious sites or disable the plugin. I can only assume that the browser Google Chrome is to try to prescribe the parameter --safe-plugins. This option is forced to run all plug-ins in a sandbox, though it can cause glitches and non-functional plug-ins. Also suitable click-to-play (in the stable-release is disabled, but the dev, canary, and Chromium is) or a global ban under local permissions to trusted sites through the advanced options -> customize the content -> Plug-ins (so, incidentally, and we should always do, because in flash player holes appear with an enviable rate). For other browsers have the option to run in a virtual machine, or a third party such as Sandboxie sandbox under Windows. Opera is also suitable for a global ban plug with the resolution for trusted sites (General Settings - Advanced - Content - Remove checkbox to "Enable plugins" (including locally through the settings for websites)). Dear habrayuzer Thomas pointed to the possibility to protect themselves FlashBlock extension for Firefox. For Google Chrome Stable fit FlashControl. Dear habrayuzer rolltin reports that you can use the option in Opera: opera: config # UserPrefs | EnableOnDemandPlugin There are approx as FlashBlock. The official patch is expected on November 9. Adobe Reader / AcrobatVulnerabilities in these products caused by the same unknown causes in Adobe Flash, for it involves the implementation of dynamic content. Pdf-documents (not affected Adobe Reader for Android). Already is instances of this vulnerability and the defeat of computers infected. The patch will be released approximately November 15, 2010. In the meantime, it is possible to solve the problem by force, removing the worn components. The solution can be found here. MoreVulnerability in Adobe Flash [Closed] Adobe Reader / Acrobat Google Chrome [closed] malicious program, which was otreporchen when it detects a hole | |
|
| |
| Total comments: 0 | |