April 10, 2012 - Qualys® Vulnerability R&D Lab has released new vulnerability checks in QualysGuard® to protect organizations against vulnerabilities announced today in Adobe security update. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their QualysGuard subscription.
Adobe has released 1 security patch to fix newly discovered flaws in Adobe. Qualys has released the following checks for these new vulnerabilities:
|Adobe Acrobat and Reader Multiple Vulnerabilities (APSB12-08)|
|SEVERITY: Urgent 5|
|QUALYS ID: 120103|
|VENDOR REFERENCE: APSB12-08|
|CVE REFERENCE: CVE-2012-0774 | CVE-2012-0775 | CVE-2012-0776 | CVE-2012-0777|
|CVSS SCORES: Base 9.3 | Temporal 6.9|
|THREAT: Adobe Acrobat and Reader are applications for handling PDF files. Adobe Acrobat and Reader are prone to the following vulnerabilities:|
An integer overflow in the True Type Font (TTF) handling that could lead to code execution (CVE-2012-0774).
A security bypass via the Adobe Reader installer that could lead to code execution (CVE-2012-0776).
|IMPACT: Exploitation could cause the application to crash or lead to code execution.|
|SOLUTION: Adobe recommends users of Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh update to Adobe Reader X (10.1.3). For users of Adobe Reader 9.5 and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader X (10.1.3), Adobe has made available the update Adobe Reader 9.5.1. Adobe recommends users of Adobe Reader 9.4.6 and earlier versions for Linux update to Adobe Reader 9.5.1. Adobe recommends users of Adobe Acrobat X (10.1.2) for Windows and Macintosh update to Adobe Acrobat X (10.1.3). Adobe recommends users of Adobe Acrobat 9.5 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.5.1.
Refer to Adobe Security Bulletin ABSB12-08 for more information.
This new vulnerability check is included in Qualys vulnerability signatures 2.2.96-3. Each QualysGuard account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the QualysGuard HOME menu, select the Account Info tab.
SELECTIVE SCAN INSTRUCTIONS USING QUALYSGUARD:
To perform a selective vulnerability scan, configure a scan profile to use the following options:
- Ensure access to TCP ports 135 and 139 are available.
- Enable Windows Authentication (specify Authentication Records).
Enable the following Qualys IDs:
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if QualysGuard is unable to logon to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Matrix Report, available from the QualysGuard HOME page.
US: 1 866.801.6161 | EMEA: 33 1 44.17.00.41 | UK: +44 1753 872102
Access for QualysGuard customers: https://qualysguard.qualys.com
Free trial of QualysGuard service: http://www.qualys.com/forms/trials/qualysguard_trial/