San Jose, California – July 2009 (Eskenzi PR) – Finjan discovered a new 0-day exploit “in the wild”. This time, cybercriminals are exploiting a vulnerability in Adobe Acrobat Reader and Flash player.
The zero-day vulnerability found (CVE-2009-1862) can be exploited to download and execute malicious code on the victim’s PC. Adobe announced that an update will be available on July 31, 2009 which will leave end users’ PCs until then unprotected.
The exploit was detected “in the wild” by Finjan’s Malicious Code Research Center (MCRC). As with the previous 0-day attacks reported by MCRC, Finjan’s unified secure web gateway (SWG) successfully detected and prevented the attempt to exploit the vulnerability and execute the code. By utilizing its patented real-time content inspection technology, Finjan’s SWG proactively prevented the attack without any update.
Web security products utilizing real-time code analysis technologies are the preferred solution to block such 0-day attacks and exploits. Yuval Ben-Itzhak, Finjan CTO explains: “Finjan customers are protected from these kinds of zero-day attacks, since Finjan’s Vital Security™ Web Gateway is able to detect such an exploit and block it without the need to have prior knowledge of the specific technique used by cybercriminals.”
For more information about this zero-day exploit and a snapshot of the actual code as found in-the-wild, please visit Finjan’s blog at: http://www.finjan.com/MCRCblog.aspx?EntryId=2307
For more information on Adobe Security Advisory about this vulnerability: http://www.adobe.com/support/security/advisories/apsa09-03.html
Finjan’s MCRC specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is to be steps ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect our customers from the next Crimeware wave and emerging malware and attack vectors, Finjan MCRC is a driving force behind the development of Finjan's next generation of security technologies used in our unified Secure Web Gateway solutions. For more information please also visit our info center and blog.
For more information about Finjan, please visit: www.finjan.com.
For alerts, please follow us on Twitter at www.twitter.com/SecureTweets
<>