There is a new Adobe ZeroDay out that you should start following and make sure to patch your systems whenever Adobe gets to releasing a patch etc... You can read more about it here:
http://vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html http://twitter.com/hdmoore/status/6706530082 http://extraexploit.blogspot.com/search/label/CVE-2009-4324 http://isc.sans.org/diary.html?storyid=7747 P.S. As I have known many on the list for quite some time now I wanted to update you all that I have recently joined FireEye as Chief Security Architect to help oversee product innovation and research. In a nut shell we are a hardware based solution that bridges some of the visibility and complexity gap of traditional network intrusion prevention and desktop anti-virus in order to provide comprehensive detection for today's latest threats. This includes being able to for example detect the above malicious PDF zeroday at the network level, and through virtual machine verification within the appliance, across your entire organization by simply dropping in a box. http://www.fireeye.com/news_events/pr/20091209_PR.html More fun research to come! Signed, Marc Maiffret Chief Security Architect FireEye, Inc. http://www.fireeye.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
