Websense Security Labs : Adobe 0day in the wild
July 2009 by Websense
Earlier this week, we received reports of a Adobe 0day in the wild (CVE-2009-1862). This flaw affects Adobe Reader and Acrobat 9.2, as well as Flash Player 9 and 10, for Windows, Macintosh, and Linux operating systems.
We have analyzed the samples we received, which has enabled us to protect our customers from the samples circulating in the wild.
Adobe has estimated a patch release date of July 30th or 31st which will address the majority of operating systems affected. If that date isn’t soon enough for your organization, a third-party patch has been released by Metasploit. Until the patch is released, we will actively work to protect our customers from all samples in the wild.
References:
– http://www.blogs.adobe.com/psirt
– http://metasploit.com/users/pusscat/patches/AcroRead-NoFlash.exe