Microsoft Outlook Support

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, 10 August 2009

Finjan Prevents Zero-Day Exploit of Adobe Acrobat Reader and Flash Player Vulnerability

Posted on 11:49 by Unknown
San Jose, California – July 2009 (Eskenzi PR) – Finjan discovered a new 0-day exploit “in the wild”. This time, cybercriminals are exploiting a vulnerability in Adobe Acrobat Reader and Flash player.

The zero-day vulnerability found (CVE-2009-1862) can be exploited to download and execute malicious code on the victim’s PC. Adobe announced that an update will be available on July 31, 2009 which will leave end users’ PCs until then unprotected.

The exploit was detected “in the wild” by Finjan’s Malicious Code Research Center (MCRC). As with the previous 0-day attacks reported by MCRC, Finjan’s unified secure web gateway (SWG) successfully detected and prevented the attempt to exploit the vulnerability and execute the code. By utilizing its patented real-time content inspection technology, Finjan’s SWG proactively prevented the attack without any update.

Web security products utilizing real-time code analysis technologies are the preferred solution to block such 0-day attacks and exploits. Yuval Ben-Itzhak, Finjan CTO explains: “Finjan customers are protected from these kinds of zero-day attacks, since Finjan’s Vital Security™ Web Gateway is able to detect such an exploit and block it without the need to have prior knowledge of the specific technique used by cybercriminals.”

For more information about this zero-day exploit and a snapshot of the actual code as found in-the-wild, please visit Finjan’s blog at: http://www.finjan.com/MCRCblog.aspx?EntryId=2307

For more information on Adobe Security Advisory about this vulnerability: http://www.adobe.com/support/security/advisories/apsa09-03.html

Finjan’s MCRC specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is to be steps ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect our customers from the next Crimeware wave and emerging malware and attack vectors, Finjan MCRC is a driving force behind the development of Finjan's next generation of security technologies used in our unified Secure Web Gateway solutions. For more information please also visit our info center and blog.

For more information about Finjan, please visit: www.finjan.com.
For alerts, please follow us on Twitter at www.twitter.com/SecureTweets

<>
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • DDoS-Attacks disable many shopping websites, including Amazon
    Just in time for last minute Christmas shopping major shopping sites disabled by Michael Smith (Veshengro) London, December 26, 2009: An...
  • Open Source Software in Business & Government
    by Michael Smith (Veshengro) Lots of Open Source in use in mainland Europe, including EU member states, very little in the UK and less still...
  • Cyber-Ark Expands RSA Secured Partner Program Certification Status
    Cyber-Ark Privileged Identity Management Suite, Inter-Business Vault and Sensitive Document Vault Now Formally Interoperable with RSA enVisi...
  • Infosecurity Adviser applauds forensics lab training facilities at key UK university
    London, UK. May 2009: Infosecurity Adviser, Infosecurity Europe’s online community for the information security industry, has published a r...
  • Scientific company discusses simultaneously protecting applications and data
    Simultaneously protecting applications and data: The next evolution in security? September 2009 (Eskenzi PR) – In a recent Imperva podcast...
  • TUFIN TECHNOLOGIES WINS the PRESTIGIOUS 2010 Computing Security Award for ‘Best bench tested solution of the Year’
    Network Computing and Computing Security Magazine Editors Select Tufin’s SecureChange Workflow as the Top Product Reviewed in 2010 Londo...
  • Brocade Service Could Help Reduce Billions in Data Centre Operations Costs
    New Energy Efficiency Review provides holistic assessment and remedial strategies to help companies optimise efficiency and reduce costs Ene...
  • Infosecurity Europe 2011 Hall of Fame nominations now open
    London UK, February  2011 – The time is ripe to elevate the greatest movers and shakers in the world of information security as nominations ...
  • Tufin survey reveals the truth about fudging audits, IT cost cutting and buying equipment online
    Ramat Gan, Israel – May 27, 2009 – Tufin Technologies today announced the results of its “Reality Bytes” security survey. The survey parti...
  • ISACA’s EuroCACS Conference Demystifies the Cloud
    Event for IT Professionals Will Take Place 20-23 March, Manchester London, England, (8 th March 2011)— Global business and information ...

Categories

  • ASUS
  • AVG Link Scanner
  • BeCrypt
  • book review
  • Brocade
  • Codenomicon
  • Columbian USB stick loss
  • computer recycling
  • Conficker worm
  • Credant Technologies
  • cyber crime
  • Cyber-Ark
  • Cyber-Ark®
  • Data Center
  • data encryption
  • DeviceLock
  • Digital Pathways
  • diskGenie
  • Eclypt
  • Eee PC
  • Eee PC Seashell 1008HA
  • F5 Networks
  • Facebook
  • Finjan
  • Finjan Inc.
  • Finjan MCRC
  • Firewall Management
  • Fortify
  • Fortify 360
  • Fortify Software
  • Fortify® Software
  • gadgets
  • Google
  • Google Chrome
  • green computing
  • green IT
  • IBM
  • Infosec
  • Infosec Europe 2009
  • Infosecurity Adviser
  • Infosecurity Europe
  • Infosecurity Europe 2009
  • Internet privacy
  • iStorage
  • iStorage diskGenie
  • iStorage Ltd.
  • Juniper Networks
  • Lakeland
  • Lapdesk
  • LLC
  • Logitech
  • malware
  • ManageEngine
  • McAfee International Ltd
  • MI6
  • MI6 data loss
  • Microsoft
  • MiFi™ 2352
  • Mio
  • Mobile Broadband
  • MS Office
  • National Cybersecurity Advisor
  • Navman
  • Navman Spirit
  • Netac
  • Novatel
  • Novatel Wireless Intelligent Mobile Hotspot 2352
  • OneClick IntelliPanel Desktop
  • online social media
  • open source
  • OpenOffice.org
  • Optenet
  • Origin Data Locker
  • Origin Storage
  • PNDs
  • product review
  • Red
  • SaaS
  • Sat Nav
  • saving energy
  • Security
  • Shavlik Technologies
  • SIS
  • spam
  • Stonewood Group
  • Storage Area Networks
  • Storage Expo
  • Storage Expo 2009
  • Sun Microsystems
  • Swine Flu
  • Syphan Technologies
  • Throwing Sheep in the Boardroom
  • Tufin Technologies
  • Twitter
  • U256
  • Unisys Security Index
  • USB drives
  • Vektor
  • VisionRacer
  • VisionRacer VR3
  • VMware
  • Weast
  • Web Apps Security
  • WebFilter PC Solution
  • WebSpy
  • XSS-driven attacks

Blog Archive

  • ►  2012 (1)
    • ►  January (1)
  • ►  2011 (67)
    • ►  December (1)
    • ►  April (1)
    • ►  March (14)
    • ►  February (30)
    • ►  January (21)
  • ►  2010 (192)
    • ►  December (20)
    • ►  November (22)
    • ►  October (19)
    • ►  September (5)
    • ►  August (8)
    • ►  July (5)
    • ►  June (22)
    • ►  May (13)
    • ►  April (11)
    • ►  March (13)
    • ►  February (27)
    • ►  January (27)
  • ▼  2009 (240)
    • ►  December (25)
    • ►  November (9)
    • ►  October (21)
    • ►  September (19)
    • ▼  August (30)
      • Leona Lewis music hack may be publicity stunt
      • US Court Grants Finjan a Permanent Injunction for ...
      • Swisscom IT cuts time spent on firewall management...
      • Amazon cloud evangelist to give Storage Expo openi...
      • Crown Plaza Venice hotel booking fiasco could have...
      • Fowlers Revs Up With Numara Track-It!
      • Twitter security move positive but is it it enough?
      • Stolen Lincoln playgroup laptop highlights danger ...
      • Mobile laptop usage soaring - but what about compa...
      • Security players form alliance to tackle malware
      • 1.7 million reasons for local authorities to use p...
      • “VirtualiSation and the Other Green Computing Init...
      • Cross site scripting (XSS) flaws hit the Ministry ...
      • Britney Spears hack highlights reputational risk o...
      • CREDANT Technologies extends data protection to Ma...
      • Compliance does not guarantee security
      • Staff&Line Partners with ProServ
      • Microsoft announces Office 2010 web applications
      • Weak cloud password security highlights strength o...
      • Peru makes a big statement about reusing rather th...
      • FSA £3m fine on HSBC could easily have been avoided
      • Twitter down again - another attack?
      • Pro-Georgian blogger was the target of Internet at...
      • Finjan Prevents Zero-Day Exploit of Adobe Acrobat ...
      • Microsoft and Yahoo cooperate on Search
      • DESlock+ Achieves ‘Five Star’ Accolade
      • Instant message dangers are growing
      • Google promises end to viruses - Fortify says: don...
      • Criminals could capture data from wireless keyboards
      • Loyal Employees or Snooping Staff? You Decide
    • ►  July (35)
    • ►  June (30)
    • ►  May (21)
    • ►  April (42)
    • ►  March (8)
Powered by Blogger.

About Me

Unknown
View my complete profile