Zero-day Adobe exploit zapped by Finjan

According to Finjan, the zero-day vulnerability (CVE-2009-1862) - which is already being exploited in the wild - can be used to download and execute malware onto the victim's PC.

Adobe - which confirmed the exploit earlier this week - has said that it will issue a patch on July 31.

The downside of this, says Finjan, is that this effectively leaves users open to the problem until the patch is issued.

The logical solution, Infosecurity notes, is to switch to using one of the many Adobe PDF-compliant alternative applications until such time as a patch is issued.

For corporates, however, this may not be an option.

Finjan reports that its research team has tested the exploit and found that the company's unified secure web gateway successfully detected and prevented the problem, without the need for an update.

For more information about this zero-day exploit and a snapshot of the actual code as found in-the-wild, Finjan has made an explanatory posting on its blog here.

For details of the flaw on Adobe's site, look here.


 

What’s hot on Infosecurity Magazine?