-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear colleagues,

we have just received the following warning. We are passing this
information on to you unchanged.

Please note that this is an update of the advisory, concerning the
following changes:

The vendor has announced further information on the availability of
updates for Adobe Flash Player and Google Chrome.
CVE-2011-0611 – Vulnerability in Adobe Flash Player

Adobe Flash Player version 10.2.153.1 and earlier, as well as the
library Authplay.dll, which is part of Adobe Reader and Acrobat X,
contain a vulnerability that is not described in further detail. A
remote attacker can use a crafted SWF file or a manipulated web page
with active Flash content to crash the affected application or to
execute arbitrary commands with the privileges of the application. The
vulnerability is already being actively exploited through Flash content
embedded in Microsoft Word documents.
The following software packages and platforms are affected:

Software packages:
* Adobe Flash Player 10.2.153.1 and earlier for Windows, Mac OS X,
  Linux and Solaris
* Adobe Flash Player 10.2.154.25 and earlier for Chrome
* Adobe Flash Player 10.2.156.12 and earlier for Android
* The library Authplay.dll in Adobe Reader and Acrobat X in versions
  9.x and 10.x up to and including 10.0.2 for Windows and Mac OS X

Platforms:
* Windows
* Mac OS X
* Linux
* Solaris
* Chrome
* Android
The vendor provides revised packages.

(c) of the German summary held by DFN-CERT Services GmbH; distribution,
including in excerpts, is permitted only with attribution to the author,
DFN-CERT Services GmbH, and only for non-commercial purposes.

Kind regards,
Matthias Braeck
--
Matthias Braeck (Incident Response Team)
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Registered office / register: Hamburg, AG Hamburg, HRB 88805, VAT ID: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Automatic warning messages: https://www.cert.dfn.de/autowarn
Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
Release date: April 11, 2011
Last updated: April 14, 2011
Vulnerability identifier: APSA11-02
CVE number: CVE-2011-0611
Platform: See “Affected software versions” section below for details
Summary
A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.
This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment, targeting the Windows platform. At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.
We are in the process of finalizing a fix for the issue and expect to make available an update for Flash Player 10.2.x and earlier versions for Windows, Macintosh, Linux, and Solaris on Friday, April 15, 2011. Google Chrome users can update to Chrome version 10.0.648.205, available now. To verify the version of Google Chrome installed on your system, follow the instructions here: http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95414.
We expect to make available an update for Adobe Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh, Adobe Reader X (10.0.1) for Macintosh, and Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh no later than the week of April 25, 2011. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.
Affected software versions
* Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
* Adobe Flash Player 10.2.154.25 and earlier for Chrome users
* Adobe Flash Player 10.2.156.12 and earlier for Android
* The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems
NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by this issue.
Severity rating
Adobe categorizes this as a critical issue.
Details
Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS feed at http://blogs.adobe.com/psirt/atom.xml.
Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date.
Acknowledgments
Adobe would like to thank Mila Parkour (http://contagiodump.blogspot.com) for working with Adobe on this issue to help protect our customers.
Revisions
April 14, 2011 – Updated with information on Google Chrome.
April 13, 2011 – Updated with schedule information.
April 11, 2011 – Bulletin released.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
-----END PGP SIGNATURE-----
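
The rules under "Affected software versions" and its NOTE, turned into an inventory triage check. This is an added example and is not part of the Adobe or DFN-CERT advisory. The product and platform labels, the status strings and the inventory rows are assumptions made for illustration; only the version bounds and exceptions come from the advisory text.

```python
# Added example, not part of the advisory. Version bounds and exceptions are
# taken from APSA11-02 as quoted above; labels and inventory rows are constructed.

def ver(text):
    """'10.2.153.1' -> (10, 2, 153, 1). Tuples compare numerically, so
    10.2.99.0 sorts below 10.2.153.1 (plain string comparison gets this wrong)."""
    return tuple(int(part) for part in text.split("."))

DESKTOP = {"windows", "macintosh", "linux", "solaris"}
FLASH_LAST_AFFECTED = {"desktop": ver("10.2.153.1"),
                       "chrome": ver("10.2.154.25"),
                       "android": ver("10.2.156.12")}
AUTHPLAY_LAST_AFFECTED_10X = ver("10.0.2")

def flash_status(platform, version):
    channel = "desktop" if platform in DESKTOP else platform
    if channel not in FLASH_LAST_AFFECTED:
        return "not listed"
    affected = ver(version) <= FLASH_LAST_AFFECTED[channel]
    return "affected" if affected else "not listed"

def authplay_status(product, platform, version, protected_mode=False):
    """product is 'reader' or 'acrobat' (labels assumed for this example)."""
    v = ver(version)
    if v[0] == 8 or (product == "reader" and platform == "android"):
        return "not affected"                      # advisory NOTE
    if product == "reader" and platform == "unix" and v[0] == 9:
        return "not affected"                      # advisory NOTE
    in_range = v[0] == 9 or (v[0] == 10 and v <= AUTHPLAY_LAST_AFFECTED_10X)
    if platform in {"windows", "macintosh"} and in_range:
        if (product, platform, v[0]) == ("reader", "windows", 10) and protected_mode:
            return "affected (Protected Mode blocks exploit)"
        return "affected"
    return "not listed"

def triage(row):
    if row["product"] == "flash":
        return flash_status(row["platform"], row["version"])
    return authplay_status(row["product"], row["platform"], row["version"],
                           row.get("protected_mode", False))

# Constructed inventory rows for illustration.
INVENTORY = [
    {"host": "ws-01", "product": "flash", "platform": "windows", "version": "10.2.99.0"},
    {"host": "ws-02", "product": "reader", "platform": "windows", "version": "10.0.1",
     "protected_mode": True},
    {"host": "srv-03", "product": "reader", "platform": "unix", "version": "9.4.2"},
]

if __name__ == "__main__":
    for row in INVENTORY:
        print(row["host"], row["product"], row["version"], "->", triage(row))
```

A "not listed" result only means the advisory text does not name that combination; it is not a statement that the build is fixed.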