[NEWS] Adobe License Management Service Vulnerability

From: SecuriTeam (support_at_securiteam.com)
Date: 06/20/05

  • Next message: SecuriTeam: "[NEWS] Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access"
    To: list@securiteam.com
    Date: 20 Jun 2005 10:24:39 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Adobe License Management Service Vulnerability
    ------------------------------------------------------------------------

    SUMMARY

    A vulnerability within the Adobe License Management Service has been
    identified. The vulnerability exists due to a flaw in the installation of
    the License Management Service, which can lead to an unauthorized person
    gaining access to the user's computer. The Adobe License Management
    Service is installed with various Adobe products that require product
    activation.

    DETAILS

    Recommendations:
    Adobe recommends that all customers who purchased Adobe Photoshop CS,
    Adobe Creative Suite, or Adobe Premiere Pro 1.5 through the retail channel
    apply the Adobe License Management Service update (see the "Instructions"
    section) as a proactive measure.

    Customers using the latest version of Photoshop (version CS2) or Adobe
    Creative Suite (version CS2) are not exposed to this vulnerability and do
    not need to apply this update.

    Further, this update is applicable to products mentioned above on the
    Windows OS platform only.

    Caveat:
    If you reinstall the affected products from their original media, rerun
    the update after you reinstall the software.

    Instructions:
    1. Download the Adobe License Management Service update from
    <http://www.adobe.com/support/downloads/detail.jsp?ftpID=2955>
    http://www.adobe.com/support/downloads/detail.jsp?ftpID=2955.

    2. Quit all Adobe applications.

    3. Extract the downloaded almupd.zip file, and then double-click the
    almupd.exe file.

    4. Follow the on-screen instructions.

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:psirt@adobe.com> Adobe
    PSIRT.
    The original article can be found at:
    <http://www.adobe.com/support/techdocs/331688.html>
    http://www.adobe.com/support/techdocs/331688.html

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.


  • Next message: SecuriTeam: "[NEWS] Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access"