Adobe has confirmed a new zero-day vulnerability affecting to Windows, Mac and Unix versions of Adobe Acrobat and Adobe Reader. The exploit seen in targeted attacks was made for Adobe Acrobat 9.1.3 for Windows.
However, the vendor is developing a patch for older 8.x and 7.x versions as well.
The issue has been widely covered in this Finnish language article.
According to Trend Micro the length of malicious PDF files is 117,049 bytes.
The update for critical JBIG2 code execution vulnerability affecting Adobe Acrobat and Reader products has been released recently. The advisory is located here and as expected there is no patch for older 8.x versions yet.
The newest version knows the version number Acrobat 9.1.
The German foreign intelligence service, the Bundesnachrichtendienst
(BND), has eavesdropped on 2,500 PCs in the last couple of years.
News magazine Der Spiegel broke the news on its website this weekend.
According to the magazine, information saved on HDDs was copied and transferred to Pullach, where the BND is headquartered.
In various other cases, keyloggers were installed to capture passwords for email accounts. ....
Microsoft has released a document describing how the Secure Development Lifecycle
(SDL) model maps to so-called CWE/SANS Top25 List, i.e. "25 Most Dangerous Programming Error" list released earlier in January.
Item-by-item type analysis as a Word document has been released too. The link is being included to this MSDN blog entry.
".... Copper thieves are threatening US critical infrastructure by targeting
electrical sub-stations, cellular towers, telephone land lines,
railroads, water wells, construction sites, and vacant homes for
The FAQ document includes the following new information (from Revision History):
1.2 26-10-2008 Major updates to Trojan section, added credits, information of non-affected dll versions and Snort rule reference 1.3 27-10-2008 Added information about the various file names and sizes, a separate Arpoc section and Nessus plugin reference
The shooting at a school in Kauhajoki comes less than a year after the Scandinavian country was shocked by the murder of eight people at a school by a gun-weilding teenager.
Pekka-Eric Auvinen, 18, killed seven fellow pupils and the headmistress at Jokela High School in Tuusula,
30 miles north of the capital Helsinki and around 200 miles from Kauhajoki where the most recent shootings took place.
Auvinen turned the gun on himself while surrounded by heavily armed police in November last year and died later in hospital.
He carried out the killings after uploading a film titled Jokela High School Massacre to YouTube, the video-sharing website.