Homeland Secure IT Alert for Wednesday, March 16, 2011
Adobe has warned of a new zero day vulnerability the other day that is being used to exploit users of Adobe Flash Player, Adobe Reader and Acrobat across all platforms, including Microsoft Windows and Apple Mac OS X and Linux. It also covers Flash player for Chrome and Android users, as well as the Authplay.dll component from Adobe Reader and Acrobat X for Windows and Macintosh.
This is a critical vulnerability and at this moment in time, there is no fix for it.
Attackers are exploiting it by attaching malicious Excel (.xls) documents to emails. The Excel document will contain a specially crafted Flash (.swf) file, and if you open the malicious Excel attachment, the embedded .swf file executes and leverages the vulnerability to install persistent malware on your system, such as a bot client giving the attacker a stepping stone to install even more malware.
Since no patch exists, yet, it is advised that you use extreme caution when opening Excel documents attached in email unless you are expecting them.
If you feel you have done so in the last few days, please run a virus scan, or consult with your computer service or repair technicians. Those in Greenville / Upstate SC can call Homeland Secure IT at 864.990.4748 or email firstname.lastname@example.org for assistance.