Adobe Confirms 0day Related to Flash and Acrobat
Thursday, October 28, 2010 at 12:37PM
drStrangeP0rk in Acrobat, Adobe, Exploits, Flash, Wild, Zero Day

Adobe has issues a security advisory which has confirmed a 0day that has been used in the wild which affects the Flash Player, Adobe Reader and Acrobat.The vulnerability is cross platform including earlier versions of Android. 

The vulnerability casues a crash and will allow a malicious actor to execute command with the users priviledges. Adobe has posted mitigation method on the attached advisory but this is a summary.

Adobe Reader 9.x - Macintosh 
1) Go to the Applications->Adobe Reader 9 folder. 
2) Right Click on Adobe Reader. 
3) Select Show Package Contents. 
4) Go to the Contents->Frameworks folder. 
5) Delete or move the AuthPlayLib.bundle file.

Acrobat Pro 9.x - Macintosh
1) Go to the Applications->Adobe Acrobat 9 Pro folder. 
2) Right Click on Adobe Acrobat Pro. 
3) Select Show Package Contents. 
4) Go to the Contents->Frameworks folder. 
5) Delete or move the AuthPlayLib.bundle file.

This vulnerability affects the AuthPlayLib.bundle file, we recommend using Preview.app for viewing of PDF files. 

Article originally appeared on magmatic.com (http://www.magmatic.com/).
See website for complete article licensing information.