New Adobe Flash 0-Day 133
Trailrunner7 writes "Adobe is warning its users about a critical vulnerability in Flash that affects Adobe Reader and Acrobat, as well, and is being used in some highly targeted attacks right now. The vulnerability in Flash Player affects Reader and Acrobat, both of which include Flash functionality, but it does not affect Reader X. Adobe officials said that Reader X's Protected Mode sandbox would prevent successful exploits. The company plans to have a patch for the affected products ready by next week for all platforms, including Windows, Mac, Linux, Android and Solaris."
Re:Mac, Linux, Android and Solaris. (Score:4, Interesting)
Most exploits are written as an attempt to get root/admin or affect system settings. In my testing of adobe exploits (not this one, but previous ones) I noticed that if I ran as a limited user the exploits don't usually work. If I run as admin with UAC running, the UAC never comes up and the exploit works. UAC + admin is not the same as running as a limited user.
Yes, you're right about malware running in user userspace and that's a real problem with this approach, but running as limited gives some benefits that are not obvious. Arguably, AV and smart computer usage makes up for the rest. This excel file seems to already be in all the major virus definitions.
Re:Mac, Linux, Android and Solaris. (Score:2, Interesting)
Agreed. Local privilege escalation exploits are a dime a dozen on desktop Linux distributions (especially those that install the full Gnome suite). Surprisingly enough, Ubuntu is one of the better distributions in this regard because it ships with reasonably decent App Armor profiles.