-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2011.0442
             Security update available for Adobe Flash Player
                               18 April 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Flash Player
                   AIR
Publisher:         Adobe
Operating System:  Windows
                   Linux variants
                   Mac OS X
                   Solaris
                   Mobile Device
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2011-0611  

Reference:         ESB-2011.0405

Original Bulletin: 
   http://www.adobe.com/support/security/bulletins/apsb11-07.html

- --------------------------BEGIN INCLUDED TEXT--------------------

Security bulletin

Security update available for Adobe Flash Player

   Release date: April 15, 2011

   Vulnerability identifier: APSB11-07

   CVE number: CVE-2011-0611

   Platform: All Platforms

Summary

   A critical vulnerability has been identified in Adobe Flash Player
   10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and
   earlier for Chrome users) for Windows, Macintosh, Linux, and Solaris,
   and Adobe Flash Player 10.2.156.12 and earlier versions for Android.
   This vulnerability (CVE-2011-0611), as referenced in Security
   Advisory APSA11-02, could cause a crash and potentially allow an
   attacker to take control of the affected system. There are reports
   that this vulnerability is being exploited in the wild in targeted
   attacks via a malicious Web page, or a Flash (.swf) file embedded in a
   Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an
   email attachment, targeting the Windows platform.

   Adobe recommends users of Adobe Flash Player 10.2.153.1 and earlier
   versions (Adobe Flash Player 10.2.154.25 and earlier versions for
   Chrome users) for Windows, Macintosh, Linux, and Solaris update to
   Adobe Flash Player 10.2.159.1 (Adobe Flash Player 10.2.154.27 for
   Chrome users). Adobe recommends users of Adobe AIR 2.6.19120 and
   earlier versions for Windows, Macintosh and Linux update to Adobe AIR
   2.6.19140. Adobe expects to make available an update for Adobe Flash
   Player 10.2.156.12 and earlier versions for Android no later than the
   week of April 25, 2011.

Affected software versions

     * Adobe Flash Player 10.2.153.1 and earlier versions for Windows,
       Macintosh, Linux, and Solaris operating systems
     * Adobe Flash Player 10.2.154.25 and earlier versions for Chrome
       users
     * Adobe Flash Player 10.2.156.12 and earlier for Android
     * Adobe AIR 2.6.19120 and earlier versions for Windows, Macintosh
       and Linux

   To verify the version of Adobe Flash Player installed on your system,
   access the About Flash Player page, or right-click on content
   running in Flash Player and select "About Adobe (or Macromedia) Flash
   Player" from the menu. If you use multiple browsers, perform the check
   for each browser you have installed on your system.

   To verify the version of Adobe AIR installed on your system, follow
   the instructions in the Adobe AIR TechNote.

Solution

   Adobe recommends all users of Adobe Flash Player 10.2.153.1 and
   earlier versions for Windows, Macintosh, Linux, and Solaris upgrade to
   the newest version 10.2.159.1 by downloading it from the Adobe
   Flash Player Download Center. Windows users can install the update via
   the auto-update mechanism within the product when prompted.

   Google Chrome users can update to Chrome version 10.0.648.205 or
   later.

   Adobe recommends users of Adobe AIR 2.6.19120 and earlier versions for
   Windows, Macintosh and Linux update to Adobe AIR 2.6.19140.

   Adobe expects to make available an update for Adobe Flash Player
   10.2.156.12 and earlier versions for Android no later than the week of
   April 25, 2011.

Severity rating

   Adobe categorizes these as critical updates and recommends
   affected users update their installations to the newest versions.

Details

   These updates resolve a memory corruption vulnerability that could
   lead to code execution (CVE-2011-0611).

   Affected software            Flash Player 10.2.153.1 and earlier
   Recommended player update    10.2.159.1
   Availability                 Flash Player Download Center

   Affected software            Flash Player 10.2.153.1 and earlier 
                                - network distribution
   Recommended player update    10.2.159.1
   Availability                 Flash Player Licensing

   Affected software            Google Chrome
   Recommended player update    10.2.154.27
   Availability                 Google Chrome Releases

   Affected software            AIR 2.6.19120
   Recommended player update    2.6.19140
   Availability                 AIR Download Center
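
   The version lines above, turned into an inventory check (an added
   example, not part of the Adobe or AusCERT text; the channel names,
   inventory format and sample hosts are assumptions). It keeps a separate
   threshold per channel because the Chrome fix 10.2.154.27 is numerically
   below the desktop fix 10.2.159.1, while the affected Android build
   10.2.156.12 is above the desktop affected line 10.2.153.1.

```python
# Added example: triage an inventory against the APSB11-07 version lines.
# Channel names and the inventory format are assumptions made for this sketch.

# channel -> (last affected version, first fixed version or None if pending)
APSB11_07 = {
    "flash-desktop": ("10.2.153.1", "10.2.159.1"),   # Windows/Mac/Linux/Solaris
    "flash-chrome":  ("10.2.154.25", "10.2.154.27"),
    "flash-android": ("10.2.156.12", None),          # update pending in bulletin
    "air":           ("2.6.19120", "2.6.19140"),
}

def parse_version(text):
    """Turn '10.2.153.1' (or comma-separated '10,2,153,1') into a tuple of ints."""
    parts = text.strip().replace(",", ".").split(".")
    return tuple(int(p) for p in parts)

def assess(channel, installed):
    """Return 'affected', 'fixed' or 'unlisted' for one installation."""
    last_affected, fixed = APSB11_07[channel]
    v = parse_version(installed)
    if v <= parse_version(last_affected):
        return "affected"
    if fixed is not None and v >= parse_version(fixed):
        return "fixed"
    # Build is not named by the bulletin on either side: flag for manual review.
    return "unlisted"

def triage(inventory):
    """inventory: iterable of (host, channel, version) -> list of findings."""
    findings = []
    for host, channel, version in inventory:
        status = assess(channel, version)
        if status != "fixed":
            target = APSB11_07[channel][1] or "update pending"
            findings.append((host, channel, version, status, target))
    return findings

# Constructed sample inventory (hosts and builds are illustrative).
SAMPLE = [
    ("ws-01", "flash-desktop", "10.2.153.1"),
    ("ws-02", "flash-desktop", "10.2.159.1"),
    ("ws-03", "flash-chrome", "10.2.154.27"),   # fixed, though below 10.2.159.1
    ("ph-01", "flash-android", "10.2.156.12"),  # affected, though above 10.2.153.1
    ("ws-04", "air", "2.6.19120"),
    ("ws-05", "flash-desktop", "10,1,102,64"),
]
```

   Calling triage(SAMPLE) returns one row per installation that is not
   confirmed fixed, with the version to move to for that channel.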


Acknowledgments

   Adobe would like to thank the following individuals and organizations
   for reporting the relevant issues and for working with Adobe to help
   protect our customers:
     * Mila Parkour (CVE-2011-0611)

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://www.auscert.org.au/1967

iD8DBQFNq4p+/iFOrG6YcBERAq/UAKDLkkozXChpam8EKBYmIoacyipuRQCeOQ86
CdLxbNYI86lZZOjU7MKYozU=
=TnjK
-----END PGP SIGNATURE-----