Adobe Warns of Critical Zero Day Vulnerability 236
wiredmikey writes "Adobe issued an advisory today on a zero-day vulnerability (CVE-2011-2462) that has come under attack in the wild. According to Adobe, the issue is a U3D memory corruption vulnerability that can be exploited to cause a crash and permit an attacker to hijack a system. So far, there are reports the vulnerability is being exploited in limited, targeted attacks against Adobe Reader 9.x on Windows. However, the bug also affects Adobe Reader and Acrobat 9.4.6 and earlier 9.x versions for UNIX and Macintosh computers, as well as Adobe Reader X (10.1.1) and Acrobat X (10.1.1) and earlier 10.x versions on Windows and Mac. Patches for Windows and Mac users of Adobe Reader X and Acrobat X will come on the next quarterly update, scheduled for Jan. 10, 2012."
Re:Listed mitigation: Adobe Reader X Protected Mod (Score:5, Funny)
Good I stopped using that blob...
Re:Oh adobe... (Score:3, Funny)
>You can pretty well set your watch by adobe exploits. Get it together, guys...,
My watch doesn't display milliseconds.
Re:Oh adobe... (Score:5, Funny)
You can pretty well set your watch by adobe exploits. Get it together, guys...
You actually have several options: If you want it to run fast, set by exploits. If you want it to run slow, set by fixes.
Re:Listed mitigation: Adobe Reader X Protected Mod (Score:5, Funny)
Adobe PDF Reader - now with 10-40x the size of what's *really* needed! ***Bonus*** - Includes Critical 0 Day vulnerability, @ no extra charge!!!
What more could you ask for?
Ummm, could you maybe toss in an eternally running updater?
And if the same people could come up with a useless "download manager", well that would just be peachy!