HAKIN9 EXTRA 5/2012

Apple Doesn’t want Flash on its iOS
by Keith DeBus
Ever since the advent of the iPhone in June of 2007, Apple’s decision to forego Adobe’s ubiquitous Flash software has raised eyebrows and more than a few hackles. Then, when Apple introduced the now revolutionary iPad in April of 2010, the controversy escalated to a white hot froth in short order. Apple and its CEO and founder, Steve Jobs, has claimed that Flash was a security vulnerability and threatened the convenience and usability of their mobile devices and therefore would be banned from iOS and their mobile devices. In this article, we will look at the long history of the relationship between Apple and Abobe than culminated in this ban, examine closely the claims and counter claims and then attempt to sort out the validity of Apple’s claims against Adobe and its Flash software.

Exploiting Adobe Flash Player
by Swetha Dabbara
The vulnerability exists in Flash Player versions 11.2.202.233 and earlier for Windows, Macintosh and Linux systems, as well as versions 11.1.115.7 and earlier for Android 4.x and versions 11.1.111.8 and earlier for Android versions 3.x and 2.x. The company said the plan to include a Google Play link for Android users at some point today so that they can get the update for their devices. The patch is of highest urgency as there are attacks in the wild against the vulnerability. “Users that have opted-in to participate in the newly introduced silent update feature (currently only available on Windows), will have the update applied automatically on all browsers present on their system,” he continued. “Users of other operating systems and users that have opted-out of ‘silent update’ need to manually install on all browsers.”

User Training and Written Security Policies More Important Than Ever in a World of Social Media & BYOD
by Ken Krauss
Rather than having a standardized list of allowed applications on employee devices known to company security managers, with BYOD the list of allowed applications on computing devices is often non-standardized. Further complicating the issue, company IT staff might not even know which device(s) employees use, and might not now be allowed to connect remotely to employee devices for patch management, virus scans, and other security concerns. It is also much more likely that the BYOD employee will be sharing their devices with others that are even less skillfully trained on computer security than your employees are, such as their children or other family members.

Hard Disk Diagnostics: Opportunities and Solutions
by Dmitry Postrigan
It is not a secret that every data recovery specialist must perform a full diagnosis of a hard disk drive to find the problem or the disk state in general as the very first step in all data recovery cases. Only accuracy and competent approach can guarantee the extraction the maximum amount of a data to avoid further damage to the hard drive. Have you ever considered what it takes to find the exact state of the customer’s drive? Usually, it is a quite complex task that involves a number of tests, guesses, and risks; and it has been like that for many years. I believe it’s time to offer something better. Atola Insight provides the unique, fully-automated in-depth diagnosis of any PATA or SATA hard drive. Just one click, and in a few minutes, you’ll have the full diagnosis report outlining the exact issue.

Security Teams at Adobe
Adobe has a team in place (the Adobe Secure Software Engineering Team – ASSET), which is dedicated to ensuring our products are designed, engineered and validated using security best practices. Brad Arkin, senior director of security for Adobe’s products and services, leads that team. A second team within ASSET (the Product Security Incident Response Team – PSIRT) is responsible for responding to and communicating about security issues. ASSET and PSIRT (as they exist today) were put in place during the integration of Macromedia and Adobe in late 2005 by combining the corresponding security teams from each company, and these teams continue to evolve to best address the threat landscape facing Adobe’s products. All engineering teams at Adobe work very closely and proactively with the Adobe Secure Software Engineering Team (ASSET) during each phase of the Adobe Secure Product Lifecycle (SPLC). In addition, product teams have dedicated security development and testing groups in place. As a result of changes in the threat landscape, we have about seven times as many engineers dedicated to security today compared to 2009.

Adobe Reader TTF MINDEX CVE-2012-0774

by Jamaal Speights

CVE-2012-0774, discovered by Peter Vreugdenhil of HP DVLabs described it as this:

https://dvlabs.tippingpoint.com/advisory/TPTI-12-03

“This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe Reader handles the Control Value Table ‘cvt ‘ opcode stream in a embedded True Type Font. When processing a MINDEX opcode (0×26), the function reads an DWord from the TTF Stack, multiplies it by 4 and checks if the resulting size is small enough to fit in the remaining TTF stack space. It will then use the original value as a loop counter to copy data on the TTF stack located in the data section of Cooltype.dll. This can result in a buffer overwrite that can lead to code execution under the context of the current process.”