Tuesday, October 13, 2015

It's Adobe Critical Updates Day!
Flash & AIR have 13 CVE patches,
Acrobat & Reader have 51 patches!!!

--

[URGENT UPDATE: These new, current versions of Adobe Flash and AIR have a zero-day vulnerability out-in-the-wild! DO NOT USE FLASH AT ALL at this point in time! Seriously! I'm going to post an article after this one that provides some information. In the meantime: UNINSTALL FLASH NOW please!

Uninstall instructions from Adobe:

Uninstall Flash Player | Mac OS

Removing Adobe AIR

After uninstalling Flash and AIR, RESTART your running web browsers.

Please do this RIGHT NOW. If you have more than one Mac, be certain to dump Flash and AIR there as well. 

More to follow.]
~ ~ ~ ~ ~

It's the second-Tuesday-of-the-month, which means it's time for a bombardment of Adobe security patches! This month's pile of patches is truly astonishing. Keep in mind that this isn't the only day of the month Adobe provides security updates. This past month, Adobe pushed out two separate groups of security updates.

Here are today's Adobe security bulletins:


Adobe Flash and AIR


Adobe Acrobat and Reader


Here are the linked Adobe updates:


Adobe Flash, Desktop v19.0.0.207

Adobe Flash, Extended Support v18.0.0.252 (Scroll down to 'Flash Player Archives')

Adobe AIR v19.0.0.213


Adobe Acrobat DC and DC Reader 'Continuous' v2015.009.20069

Adobe Acrobat DC and DC Reader 'Classic' v2015.006.30094
Adobe Acrobat and Reader XI Desktop v11.0.13
Adobe Acrobat and Reader X Desktop v10.1.16

CVE Patches:

[I'm not linking the listed CVEs (Common Vulnerabilities and Exposures) this month as the list is massive and I'm rather busy at my end at the moment. The link to look up CVEs is at the right of this page.]


Adobe Flash and AIR
Vulnerability Details

These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-7628).

These updates include a defense-in-depth feature in the Flash broker API (CVE-2015-5569).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-7629, CVE-2015-7631, CVE-2015-7643, CVE-2015-7644).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-7632).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, CVE-2015-7634).

Adobe Acrobat and Reader
Vulnerability Details

These updates resolve a buffer overflow vulnerability that could lead to information disclosure (CVE-2015-6692).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-6689, CVE-2015-6688, CVE-2015-6690, CVE-2015-7615, CVE-2015-7617, CVE-2015-6687, CVE-2015-6684, CVE-2015-6691, CVE-2015-7621, CVE-2015-5586, CVE-2015-6683).

These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6696, CVE-2015-6698).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-6685, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, CVE-2015-6686, CVE-2015-7622).

These updates resolve memory leak vulnerabilities (CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, CVE-2015-6704, CVE-2015-6697).

These updates resolve security bypass vulnerabilities that could lead to information disclosure (CVE-2015-5583, CVE-2015-6705, CVE-2015-6706, CVE-2015-7624).

These updates resolve various methods to bypass restrictions on Javascript API execution (CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-7614, CVE-2015-7616, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, CVE-2015-7623, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715).

WARNING:

As ever, running software over the Internet can be dangerous. The most dangerous software to use is the Adobe Flash, Adobe Shockwave and Oracle Java browser plug-ins. If you don't need them, either trash them or pull them out of your system and put them into a 'disabled' folder. You can find all of these plug-ins here:


/Library/Internet Plug-ins/


Adobe Acrobat and Reader can be dangerous if you're using them to read PDF files you've downloaded from the Internet. The safest way to run either of these programs is with 'Enhanced Security' (Security 'Enhanced') turned ON in their preferences. Even then, as noted in the CVE list above, that may not protect you from malicious PDF files.


Also dangerous, for the same reason, are the Adobe PDF Viewer plug-ins for web browsers. As with the other dangerous plug-ins noted above, either trash them or put them into a 'disabled' folder. If you have a specific reason to use the Viewer plug-ins, then you're stuck with them. However, for the vast majority of people there is NO reason to use them. All web browsers have their own built-in PDF viewer functions. You can find the Adobe PDF Viewer plug-ins here:


/Library/Internet Plug-ins/AdobePDFViewer.plugin

/Library/Internet Plug-ins/AdobePDFViewerNPAPI.plugin
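
One way to do the 'disabled folder' move from Terminal, as an added example that is not part of the original post and not from Adobe. The disabled-folder name and the function names are assumptions chosen for illustration; the two plug-in names are the ones listed above.

```shell
#!/bin/sh
# Added example: move named browser plug-ins out of the plug-in folder.
# DISABLED_DIR is an illustrative choice, not a macOS or Adobe convention.
PLUGIN_DIR="${PLUGIN_DIR:-/Library/Internet Plug-ins}"
DISABLED_DIR="${DISABLED_DIR:-/Library/Internet Plug-ins (Disabled)}"

# disable_plugins SRC DEST NAME...
# Moves each named bundle from SRC to DEST and prints one status line per
# name. Returns 1 if any move failed, 0 otherwise.
disable_plugins() {
    src=$1; dest=$2; shift 2
    rc=0
    for name in "$@"; do
        if [ ! -e "$src/$name" ]; then
            echo "absent:   $name"
            continue
        fi
        mkdir -p "$dest" || return 1
        target="$dest/$name"
        # Keep an earlier disabled copy instead of overwriting it.
        if [ -e "$target" ]; then
            target="$dest/$name.$(date +%Y%m%d%H%M%S)"
        fi
        if mv "$src/$name" "$target"; then
            echo "disabled: $name -> $target"
        else
            echo "FAILED:   $name" >&2
            rc=1
        fi
    done
    return $rc
}

# count_active SRC NAME... : prints how many named plug-ins are still in SRC.
count_active() {
    src=$1; shift
    n=0
    for name in "$@"; do
        [ -e "$src/$name" ] && n=$((n + 1))
    done
    echo "$n"
}

# Acts only when the first argument is "run"; needs admin rights on a Mac.
if [ "${1:-}" = "run" ]; then
    disable_plugins "$PLUGIN_DIR" "$DISABLED_DIR" \
        AdobePDFViewer.plugin AdobePDFViewerNPAPI.plugin
fi
```

Save it to a file and run that file with sudo and the argument `run`, then restart your web browsers so they stop loading the moved plug-ins.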

~ ~ ~ ~ ~

As usual:

The #1 Rule of Computing and Security is:


MAKE A BACKUP!


Backups allow you to restore your computer back to health if it gets PWNed (zombied/botted) or otherwise compromised on the Internet.


There are many articles on the Internet about computer backup strategies. Here are three articles and two ebooks specific to Mac backups:


Bulletproof backups: When you absolutely can't lose any data


Apple: Backing up your Mac hard drive


Apple Support Communities: Most commonly used backup methods


Backing Up Your Mac: A Joe On Tech Guide


TAKE CONTROL OF Security for Mac Users


Stay safe out there kids!


