Adobe Identifies Microsoft Office Users For Vulnerability, Releases Another Patch

rated by 0 users
This post has 1 Reply | 0 Followers

Top 10 Contributor
Posts 26,149
Points 1,185,130
Joined: Sep 2007
News Posted: Sat, Feb 9 2013 1:00 PM
In tandem with a release of new security updates for Adobe Flash Player for Windows, Mac, Linux, and Android operating systems (which patch a vulnerability “that could cause a crash and potentially allow an attacker to take control of the affected system”), Adobe’s ASSET Platform Security Strategist Peleus Uhley took to a blog post to talk about the update.

The Adobe team has seen these now-patched vulnerabilities exploited in the wild both in attacks using Flash content on websites and via targeted emails that bait users into opening a poisoned Microsoft Word document attachment.

Uhley made a note of discussing how Adobe is working hard to improve security by sandboxing Flash Player on the latest editions of the Chrome, Mozilla, and Internet Explorer browsers and also by making it easier for users to get Flash Player updates.

Microsoft Office Adobe

He said that by far, the most-targeted vector was Microsoft Office attachments in emails; Microsoft Office 2010 has a Protected Mode sandbox that prevents the code from being executed by default. In earlier versions of Office, the new Adobe security update will post a warning before executing the Flash content being opened--although the protection looks like little more than a click-through warning that most people won’t even read.

In any case, it’s good to see that Adobe is trying. Pro tip to help the effort: Don’t open email attachments from untrusted sources.
  • | Post Points: 20
Top 10 Contributor
Posts 8,647
Points 104,065
Joined: Apr 2009
Location: Shenandoah Valley, Virginia

"Don’t open email attachments from untrusted sources"

I never do, but it's good advice anyways.

Dogs are great judges of character, and if your dog doesn't like somebody being around, you shouldn't trust them.

  • | Post Points: 5
Page 1 of 1 (2 items) | RSS