Cyber criminals gained access to Adobe’s update servers. It appears Adobe Systems has once again become a prime target. But this time, instead of focusing on finding new vulnerabilities in the Adobe Acrobat Reader software, cyber criminals (and maybe nation states or cyber terrorists, TBD) have found a new way in – the new Adobe Updater – a cloud-based updating service for all of Adobe’s major applications. The compromise allowed hackers to create at least two malicious files that were digitally signed using a valid Adobe certificate, according to Adobe security chief Brad Arkin.
Risk = It is possible that your Adobe applications could be compromised after an update. However, Adobe plans to revoke (and may have already revoked) the compromised server certificates in early October. According to Adobe, one of the two digitally signed malware files is a utility that extracts password hashes from the Microsoft Windows operating system. A utility like this is typically used in one of the first phases of a multi-pronged attack – first gain escalated privileges, then compromise other system resources and eavesdrop without notice or cause harm. It’s hard to tell just yet how extensive the damage is, although Adobe claims they have it under control.
What to do about it? Adobe says they have already resolved the problem; however, you might want to run alternative programs such as Foxit PDF viewer and other non-Adobe tools for a few weeks throughout October while we wait to see the extent of the damage and whether Adobe has really fixed the problem. Remember, never disable your anti-virus software and firewall; if they are warning about issues with Adobe, there’s probably a good reason.
Microsoft also had a month full of issues with a bulletin full of major critical security updates, here: http://technet.microsoft.com/en-us/security/bulletin/ms12-oct
These vulnerabilities run the gamut from holes in the Oracle Database Server, to Oracle’s acquired open source MySQL system, to Java.
For more information, visit them here: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
SOURCES: Adobe, Microsoft, Oracle and USCERT.gov
Copyright (C) 2012-2013, Cyber Defense Magazine, a division of S.G. Samuels Publishing LLC