Adobe Flash, Acrobat Remote code Zero day Vulnerablity
Adobe Flash Player 10.2.152.33 Windows, MacOS, Linux, Solari
Adobe Flash Player 10.2.154.18 Google Chrome
Adobe Flash Player 10.1.1906 Google Android OS
Adobe Reader and Acrobat X (10.0.1) 10x, 9x, Windows, Mac O
Vulnerability has been found on Adobe Flash Player and Acrobat. This vulnerability allows random remote code execution.
Currently, there are cases that malware was distributed by using this vulnerability. As the current condition is Zero day, which means official patch has not been provided, PC users should beware of using the programs.
(There is vulnerability on Adobe Reader/Acrobat X with Protected Mode, yet malware behavior does not perform.
Vulnerability Identifier : APSA 11-01
CVE number: CVE-2011-0609
System can be controlled by system crash or remote code execution through Authplay.dll component vulnerabilire could infect when opening flash included Excel file via various sources such as website, mail, SNS, messenger.
PC users should beware of accessing to suspicious sites, and opening Excel files with unindentified sources.
a. Do not open suspicious sites or Excel files with unidentified sources.
b. Use Adobe Reader/Acrobat X with Protected mode
c. Update ALYac DB to the latest date, and activate real time monitoring. In reference, ALYac detects and disinfects this
(Dectection name: Exploit.SWF.CVE-2011-0609.A, Trojan.Downloader.Agent.Tug)