InteVyDis, a Russian firm specializing in packaging software security exploits, has released a software module that can give a remote computer access to an up-to-date Windows 7 machine running the most recent version of Adobe Flash Player 11.
The exploit module, called vd_adobe_fp, is packaged in VulnDisco Step Ahead Edition, an add-on toolkit for Canvas—an automated exploitation system developed for IT security professionals by Miami Beach-based Immunity. In a video demo of the exploit, Immunity's Alex McGeorge said that the attack had been tested against fully patched Windows 7 Ultimate and Windows XP Pro systems running Internet Explorer 7 and 8, Google Chrome, and Firefox. McGeorge said that a Mac OS X version of the exploit is expected in the next release.
When a system connects to a website on a remote system equipped with the exploit, it can give that system access to a "low-integrity" shell with limited access to the target, allowing the uploading of other software modules to the target and giving the remote system control over TCP socket connections. Additional exploits could then be used to get higher-level permissions to the system.
Update: An Adobe spokesperson responded to an inquiry from Ars on the exploit, saying that the company is aware of the announcement and has "reached out" to InteVyDis. "We would welcome any details so we can verify and address the vulnerability," the spokesperson said, but without further information Adobe can do nothing but monitor for exploits.
reader comments
50