Malware in AUSST files!!

tkimpton
Valued Contributor II

Thanks to Sophos their AV flagged this up. You need to re download the updates again fully (option 1) not incremental

http://www.adobe.com/support/security/advisories/apsa12-01.html

4 REPLIES 4

tkimpton
Valued Contributor II

i am so annoyed. This doesnt work

[
http://helpx.adobe.com/x-productkb/global/guidance-administrators-certificate-revocation.html#id_30073](
http://helpx.adobe.com/x-productkb/global/guidance-administrators-certificate-revocation.html#id_30073)

still downloads the revoked certificates.

Called Adobe support and they wont do anything arrrrhhhhhhhhh!!!!!!!

tkimpton
Valued Contributor II

Jody can you kick some arse please i can't believe i am being put through to volume licensing support!!!

tkimpton
Valued Contributor II

fyi offending file here

Threat: 'Mal/Generic-S' detected in /Library/Server/Web/Data/Sites/CustomSitesDefault/updates/Adobe/CS/updates/oobe/aam10/win/AdobePremiereProCS5-5.5.0-Retail/5.5.2/Setup.zip

tkimpton
Valued Contributor II

i’ve already tried this to redownload AUSST files using option 1

http://helpx.adobe.com/x-productkb/global/guidance-administrators-certificate-revocation.html#id_300...

My work around was to go to the relevant locations as root user and delete the file and recreate a fake zip file.

Eg

rm –rf /Library/Server/Web/Data/Sites/CustomSitesDefault/updates/Adobe/CS/updates/oobe/aam10/win/AdobePremiereProCS5-5.5.0-Retail/5.5.2/Setup.zip
touch /Library/Server/Web/Data/Sites/CustomSitesDefault/updates/Adobe/CS/updates/oobe/aam10/win/AdobePremiereProCS5-5.5.0-Retail/5.5.2/Setup.zip

At the moment Adobes guidance will not work because the malware still exists on their servers and following their instructions just re-downloads it.