A critical zero-day Flash exploit that arrives in a PDF file is being used in attacks aimed at Adobe Reader and Acrobat 9.x. The exploited vulnerability is found across all major platforms, and a patch is not expected to be available for a couple of weeks.The exploited Flash vulnerability is found across all major platforms, Adobe stated when acknowledging the problem: "A critical vulnerability exists in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX operating systems, and Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems."
The exploit arrives by way of a trojan-bearing PDF file attached to an e-mail promising info about a government-released Personnel Management iPad/iPhone app -- making the mail particularly tempting for people seeking jobs.
But even if all of your employees are happy and secure in their positions, they need to be warned about this exploit:
Once executed, the malware can, according to Adobe, "cause a crash and potentially allow an attacker to take control of the affected system."
The company announced a fix schedule that calls for the Flash bug repair to be released November 9, with the Reader and Acrobat repairs to be released the week of November 15.
Until then, Adobe recommends that users delete or remove or rename the authplay file(s) on their systems. Platform specific authplay delete/remove information is here (scroll down).
Good idea to pass that information along, to mark your calendars for the patch release dates... and to remind your people once more not to open unsolicited e-mail of any sort, and to be hyper-wary of any e-mail with a PDF attachment.