Endpoint Protection

 View Only
  • 1.  New Zero-Day Vulnerability Hits Adobe Reader

    Posted Feb 25, 2013 03:49 AM

    Dear All,

    Does anyone have idea whether Symantec is having solution for recent vulnerability detected for Adobe Reader?

    Refer below URL for deatils of attack.

    http://voices.yahoo.com/adobe-reader-hit-pdf-zero-day-exploit-12019275.html

    Thanks & Regards,

    Parag

     



  • 2.  RE: New Zero-Day Vulnerability Hits Adobe Reader

    Trusted Advisor
    Posted Feb 25, 2013 04:29 AM

    Hello,

    Read more in this BLOG's from Symantec Security Response Team -

    New Adobe Vulnerabilities Being Exploited in the Wild

    http://bit.ly/14UdGxS

    New Adobe PDF Zero-day Unleashes Trojan.Swaylib

    http://bit.ly/XDo0UY

    Symantec is now detecting ...

    Bloodhound.Flash.20 is a heuristic detection for files attempting to exploit the Adobe Flash Player Buffer Overflow Vulnerability (CVE-2013-0633).

    http://bit.ly/WKHxXT

    Bloodhound.Flash.19 is a heuristic detection for files attempting to exploit the Adobe Flash Player Remote Memory Corruption Vulnerability (CVE-2013-0634).

    http://bit.ly/YtehBm

    Hope that helps!!



  • 3.  RE: New Zero-Day Vulnerability Hits Adobe Reader

    Posted Apr 26, 2013 07:24 AM

    This new Security Response blog post will be of interest to followers of this thread:

    2013 First Quarter Zero-Day Vulnerabilities
    https://www-secure.symantec.com/connect/blogs/2013-first-quarter-zero-day-vulnerabilities

    ...

    Symantec recommends users to follow these best security practices:

    • Ensure all applications are up to date with the latest security patches. Even though a zero-day exploit cannot be patched, the latest updates will provide protection from previously disclosed vulnerabilities.
    • Ensure antivirus and IPS definitions are up-to-date.
    • Avoid visiting sites of questionable integrity.
    • Avoid opening files provided by untrusted sources.
    • Implement multiple redundant layers of security such as non-executable and randomly mapped memory segments that may hinder an attacker's ability to exploit vulnerabilities.