Network Box Security Response is currently monitoring exploits of a zero-day flaw in Adobe Flash Player 9 and 10, with the exploit delivered by a flash object embedded in an Adobe PDF document (rendered by Adobe PDF Reader / Acrobat).

The flaw has been acknowledged by Adobe, who are working on a fix for the issue. An article providing more information is available on threatpost.

In co-operation with our Anti-Virus partners, we are PUSHing signatures for the known exploits, as we see them.

Update: Adobe has now released detailed information on this vulnerability and a recommended workaround. Threatpost are reporting that their previous recommended workaround of disabling Flash multimedia is ineffective and concerned users should follow the Adobe advice of deleting the authplay.dll component.

Back