• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Critical 0-day Vulnerability In Adobe Flash Player, Reader & Acrobat

October 29, 2010

Views: 17,313

Well this seems to be a frequently recurring theme, yes there is yet another critical 0day vulnerability in Adobe products – pretty much across the board this time.

It was that long ago that a critical flaw in Flash put Android phones at risk. The core vulnerability exists in Flash but it’s being actively exploited in Adobe Reader via the usual pdf route.

The vulnerability exists across all OS versions (including Android), but as usual the active exploitation seems to be taking place on the Windows platform.

Adobe has confirmed reports that yet another unpatched vulnerability in the latest versions of its ubiquitous software is being actively exploited to infect end users with data-stealing malware.

The vulnerability exists in Adobe’s Reader document viewer and Flash Media Player for Windows, OS X and Unix operating systems, Adobe warned on Thursday. According to independent researchers, it is being exploited in the wild against Reader for Windows to install a nasty trojan known as Wisp, which according to Microsoft, steals sensitive user data and installs a backdoor on compromised systems.

The vulnerability itself resides in Adobe’s Flash Player, which is available as stand alone software and is also embedded into Reader. According to researcher Mila Parkour of the Contagio Malware Dump blog, poisoned PDF documents are circulating that drop two malicious binaries onto Windows machines that open the document files.

A screenshot identified the two files as nsunday.exe and nsunday.dll. A Virus Total scan showed just 15 of 42 antivirus programs were detecting the malicious EXE. She didn’t say whether the attacks succeed against more recent versions of the OS, which Microsoft has designed to withstand many of the most common types of exploits.

This vector comes to pass as Flash player is also embedded into Adobe Reader, so by using a malicious PDF file with the AuthPlay exploit – they can trigger the Flash player flaw and drop malware into the OS.

There is information on how to disable the AuthPlay functionality at the bottom of the Adobe advisory:

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

Basically you need to go to the Adobe Reader directory and delete the AuthPlayLib.bundle (Windows/Mac OSX) or libauthplay.so.0.0.0. (linux) file.

Adobe said it planned to patch the vulnerability in Flash during the week of November 9 and in Reader during the week of November 15. The schedule is puzzling, since Reader has been confirmed to be under attack and Flash has not been confirmed.

In the meantime, users can protect themselves by using an alternate document viewer, such as Foxit. For those who must use Reader, Adobe said they can mitigate attacks by removing functionality known as AuthPlay, by following the instructions near the bottom of this advisory. Adobe provided no temporary measures Flash users can follow.

It’s been a bad couple of years for Adobe’s security team, which has gotten repeatedly hammered by critical vulnerabilities that are exploited by criminals to install malware on users’ machines. Three weeks ago, the company issued a fix for a security flaw in Reader that was also under attack by a highly sophisticated exploit. Last month, Adobe fixed a critical vulnerability in Flash that was also being used to compromise end user computers.

Adobe is also in the process of developing a patch for a code-execution bug in its Shockwave Player. By many researchers’ reckoning, Reader is among the world’s most exploited applications, in close competition with Oracle’s Java framework and, of course, various Microsoft programs.

From recent attacks it seems Adobe Reader and Flash are amongst the most exploited applications, especially when it comes to serious vulnerabilities that allow code-execution.

The new generation Adobe Reader with Sandbox Feature can’t come soon enough.

There’s also more here:

Hackers exploit newest Flash zero-day bug

Source: The Register

Related Posts:

  • 0-Day Flash Vulnerability Exploited In The Wild
  • Latest Update Patches 78 CVE-classified Flash…
  • An Introduction To Web Application Security Systems
  • Facebook Disabled Flash For Video Finally
  • Apple Will Not Patch Windows QuickTime Vulnerabilities
  • Pingcastle - Active Directory Security Assessment Tool
Share
Tweet48
Share
Buffer
WhatsApp
Email
48 Shares

Filed Under: Exploits/Vulnerabilities, Malware, Windows Hacking Tagged With: 0-day, 0day, adobe, adobe flash security, adobe reader, adobe security, flash



Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

Views: 179

Automated internet traffic will now overtake human activity, presenting sophisticated cyber threats … ...More about Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

TREVORspray - Credential Spray Toolkit for Azure, Okta, OWA & More

TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More

Views: 342

TREVORspray is a purpose-built password spraying utility designed for red teams and offensive … ...More about TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More

Force Push Scanner - Hunt GitHub Dangling Commits for Leaked Secrets

Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets

Views: 349

Force Push Scanner is an offensive security tool that identifies secrets inadvertently left in … ...More about Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets

Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

Views: 5,509

Darknet marketplaces remain central to illicit trade in 2025, with evolving business models, payment … ...More about Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

Caracal - Rust eBPF Rootkit for Stealthy Post-Exploitation

Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation

Views: 519

Caracal is a new Rust-based eBPF (extended Berkeley Packet Filter) rootkit that provides a stealth … ...More about Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation

Windows_EndPoint_Audit - Endpoint Security Auditing Toolkit

Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit

Views: 576

Windows_EndPoint_Audit from ITAuditMaverick introduces a powerful method for offensive security … ...More about Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit

Topics

  • Advertorial (28)
  • Apple (46)
  • Cloud Security (2)
  • Countermeasures (231)
  • Cryptography (84)
  • Dark Web (1)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (432)
  • Forensics (65)
  • GenAI (4)
  • Hacker Culture (9)
  • Hacking News (231)
  • Hacking Tools (688)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (74)
  • Malware (240)
  • Networking Hacking Tools (353)
  • Password Cracking Tools (105)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (119)
  • Security Software (236)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (170)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker Hacker – Download brutus-aet2.zip AET2 (2,333,846)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,359)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,839)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,813)
  • Password List Download Best Word List – Most Common Passwords (933,804)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,476)
  • Hack Tools/Exploits (673,480)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,461)

Search

Recent Posts

  • Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation July 16, 2025
  • TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More July 14, 2025
  • Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets July 11, 2025
  • Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends July 9, 2025
  • Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation July 7, 2025
  • Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit July 4, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy