Comments on: Zero-Day Flaws in Adobe Reader, Acrobat

By: JimV

JimV — Wed, 20 Feb 2013 20:17:03 +0000

Looks like Adobe released the patch(es) today, announced in this update notice:

https://www.adobe.com/support/security/bulletins/apsb13-07.html

There are links in the notice to the particular file downloads for both Reader and Acrobat according to OS flavor.

By: Stratocaster

Stratocaster — Wed, 20 Feb 2013 03:47:04 +0000

When you click on the Reader link on the homepage, it directs you to 10.1.4, not even 10.1.5. Whassup with that? If you do the menu thing instead, for some, but not all, Windows versions, you can select 11.0.0.1 from the pull-down menu.

By: Vee

Vee — Tue, 19 Feb 2013 20:35:04 +0000

“Mozilla puts native PDF viewer in Firefox 19″
http://reviews.cnet.com/8301-13727_7-57570062-263/mozilla-puts-native-pdf-viewer-in-firefox-19/

Bout time and no better timing.

By: Jonathan

Jonathan — Tue, 19 Feb 2013 15:43:14 +0000

That’s right, they only exist in Reader XI, not Reader X.

By: Angelina

Angelina — Mon, 18 Feb 2013 00:16:56 +0000

http://news.softpedia.com/news/Facebook-Targeted-in-Sophisticated-Attack-Java-Zero-Day-Used-to-Push-Malware-330032.shtml

i want to know what antivirus this guys were using ? heeee

By: JimboC

JimboC — Sun, 17 Feb 2013 21:52:35 +0000

No, I’m afraid that I have not read anything that suggests it will be back-ported to Windows 7.

I read that Windows 8 is one of the first of any OS to have support for SMEP. SMEP has been in the making for over a year. It was added to Windows 8 before the Ivy Bridge CPUs came to the market.

I may or may not upgrade my CPU to an Ivy Bridge CPU. My motherboard does support it but I have my doubts about buying a new CPU just for a security feature.

Thanks.

By: mechBgon

mechBgon — Sun, 17 Feb 2013 21:41:50 +0000

I’ve read a number of papers and articles on SMEP already, and absorbed about as much information as my non-coder brain can take It boiled down to “wow, I wish the computers in my SOHO fleet had SMEP-capable CPUs.” I wonder if Microsoft will backport SMEP support to Win7, have you read anything along those lines?

By: JimboC

JimboC — Sun, 17 Feb 2013 20:31:40 +0000

Hi mechBgon,

I am glad you liked the information that I posted. The presentation from Matt Miller contains the best information about Windows 8 Security that I have encountered.

I have some links to more info about SMEP if you are interested? For example, some researchers have found ways to partially bypass it.

Thanks.

By: mechBgon

mechBgon — Sun, 17 Feb 2013 17:54:14 +0000

Thanks for all your useful info JimboC

Tangentially, in Miller’s presentation that you mentioned, on page 32 he mentions that Win8 also supports a new hardware-level CPU security feature similar to Data Execution Prevention, with the acronym SMEP. For the security-minded folks, if you’ll be buying (or building) Windows 8 systems, check whether the CPU supports SMEP. SMEP complicates exploitation by preventing the OS kernel from executing code in memory space marked as user.

As of early 2013, SMEP is supported on Intel processors with Ivy Bridge cores, which are used in the _latest_ versions of the Celeron, Pentium, Core i3/i5/i7 and some Xeons. A little homework will net you a nice hardware-based security bonus

By: JimboC

JimboC — Sun, 17 Feb 2013 15:32:57 +0000

Hi everyone,

Adobe has stated that a patch for these flaws will be available some time next week.

Here is the blog post announcing this and a link to the advisory (now updated):

http://blogs.adobe.com/psirt/2013/02/schedule-update-to-security-advisory-for-adobe-reader-and-acrobat-apsa13-02.html

http://www.adobe.com/support/security/advisories/apsa13-02.html

Thanks.