Another Adobe Acrobat vulnerability is being exploited in the wild. All versions up to and including 9.1.3 are vulnerable. The current exploit targets Acrobat and Acrobat Reader on Windows specifically, but all Acrobat variants (those for Linux and Mac OS X) are vulnerable. Apparently, using DEP (Data Execution Prevention) in Windows may thwart the attack (at the moment). DEP is an optional setting. Here is the Microsoft KB article about DEP, but their server is saying it’s “too busy” at the moment (4:11p). More information from the ISC is here.

Adobe is set to release an update on October 13. Until then, keep on your toes!

TRUE Network Security Monitoring customers: rest easier: if your resources are successfully attacked, we should see the results.

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

Well, installation wasn’t too bad.  It took about 20 minutes or so.  As a bonus, all of my settings seem to be intact and all of my programs continue to function properly.  Even our corporate AV is working… I hope this isn’t premature, but: Good job, Microsoft.

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

So Vista SP2 is now available to the masses.  I’ve downloaded it and am in the process of installing it.  So far no problems, but it is claiming that my machine may reboot several times and the total installation time may be 1 hour or more.  Here’s hoping the upgrade goes smoothly and I still have full functionality when the process completes…I’ll post my results here later today.

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts

Last week, in a surprise move, Microsoft announced Open Access to Protocol Documentation[microsoft.com]. Microsoft is releasing their protocol technical specifications for interoperability with Windows Vista, Windows Server 2008, Exchange, and others. This means third party and open source software will be able to “talk” directly with Windows components that had previously been closed to them. This is quite a change for Microsoft, who until now kept their protocols propriety, forcing vendors to reverse-engineer the protocols. This should result in greater support between open source products and Windows. I hope other companies follow Microsoft’s lead.

Michael Oglesby

The Director of Tactical Security Services at TRUE, Michael specializes in security testing initiatives with vast network and application security assessment experience. He oversees a team of analysts in conducting SAST- and DAST-based services. Certifications include CISSP, CSSLP, QSA and CNSS 4011-4015. He is also the Verizon 2010 Data Breach Investigation Report Cover Challenge Winner and second place finisher in the 2011 competition.

Twitter - More Posts

Did anyone notice this story on SecurityFocus? It’s an article discribing a series of attempted malware infections that were first reported by the SANS Internet Storm Center over Christmas. Apparently, three people reported buying digital picture frames made by the same manufacturer from three different Sam’s Club stores. When plugged into a computer, the malware on the picture frames attempted to perform various nasty things.

This type of threat is likely to increase as more and more devices become digitally aware. Your best bet for protecting yourself is to disable the autorun feature in Windows. That way you can scan and examine the devices you attach to your computer before the malware they may be hosting has an opportunity to become a part of your digital life.

Dominic Schulte

Dominic Schulte currently serves as the Managing Director of Security Services & Consulting at TRUE, where he is responsible for the execution of a wide range of security and regulatory compliance services. Previously, Dominic worked with the National Security Agency (NSA) as a Global Network Exploitation and Vulnerability Analyst in the National Security Incident and Response Center (NSIRC). He holds CISSP, QSA and CNSS 4011-4015 certifications.