ITC Security Threat of the Week – Week 2: Adobe Flash 0-day (CVE-2013-0633, CVE-2013-0634) – Palo Alto Emergency Content Release 355
Vulnerability is a weakness in a hardware or software that can allow an attacker to violate the target system`s integrity, confidentiality, etc.
2 Zero-day vulnerabilities have been identified affecting Adobe Flash Player 11.5.502.146 and earlier versions.
Zero day refers to the fact that there are reports about the above two, previously unknown vulnerabilities being exploited in the wild, e.g.: the attack occurs on day “0”.
The listed vulnerabilities are being exploited – according to reports – by either in the form of a Microsoft Word email attachment containing malicious Flash(SWF) content or via malicious Flash(SWF) code hosted on websites.
Adobe has released security patches/updates.
Palo Alto Emergency Content Update version 355 is also available.
Affected Product Releases and Versions
Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh
Adobe Flash Player 11.2.202.261 and earlier versions for Linux
Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x
Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x
What is the Impact?
The vulnerabilities, which have been assigned the CVE identifiers of CVE-2013-0633 & CVE-2013-0634, could lead to a DoS (Denial of Service) or allow an attacker to gain unauthorized access.
What is the Solution?
Users are advised to update their products to the latest versions at the earliest opportunity.
Platform Browser Player version
Windows Internet Explorer (and other browsers that support Internet Explorer ActiveX controls and plug-ins) 11.5.502.149
Internet Explorer (Windows 8 ) 11.3.379.14
Firefox, Mozilla, Netscape, Opera (and other plugin-based browsers) 11.5.502.149
Chrome 11.5.31.139
Macintosh OS X Firefox, Opera, Safari 11.5.502.149
Chrome 11.5.31.139
Linux Mozilla, Firefox, SeaMonkey 11.2.202.262
Chrome 11.5.31.139
Solaris 11.2.202.223
Google Chrome includes Adobe Flash Player built-in, it is supposed to update automatically when new versions are available.
Palo Alto Customers should ensure that they are running the latest Threat Prevention signature – version 355.
References
http://www.adobe.com/support/security/bulletins/apsb13-04.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0633
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0634
ITC Secure Networking
The vulnerabilities listed in this article are another examples of IT security risks that make SIEM solutions, Intrusion Prevention systems and next generation firewalls a must have in today`s computing world.
ITC provide a wide variety of solutions that can help you and your organization to detect and mitigate possible online attacks, for example:
– Palo Alto Threat Prevention
– HP ArcSight SIEM
– Cisco and Checkpoint IPS
– QualysGuard Vulnerability Scanner
The listed items are available in the form of both Consultancy and Managed Service.
To learn more about ITC Secure Networking and the services we offer, please visit our website: itcsecure.com
