caverna
Engaged Sweeper III
Hi guys, this is my suggestion to report this vulnerability described at https://helpx.adobe.com/security/products/acrobat/apsb18-09.html



Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  tblAssets.IPAddress,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblSoftware.Lastchanged
From tblAssets
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  -- The software name filter is part of the join condition
  Inner Join tblSoftwareUni On (
    tblSoftwareUni.SoftID = tblSoftware.softID And (
      (tblSoftwareUni.softwareName Like '%Acrobat Reader%' Or tblSoftwareUni.softwareName Like '%Acrobat%') And
      tblSoftwareUni.softwareName Not Like '%Extended Asian%' And
      tblSoftwareUni.softwareName Not Like '%Acrobat.com%' And
      tblSoftwareUni.softwareName Not Like '%MUI%'
    )
  )
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Where
  -- Active assets only
  tblAssetCustom.State = 1 And
  -- Strip the dots and compare as a number; BigInt because a dotless
  -- version string can exceed the Int maximum of 2147483647
  Convert(BigInt, Replace(tblSoftware.softwareVersion, '.', '')) <= 1801120038
Order By
  tblAssets.Domain,
  tblAssets.AssetName,
  Software


based on: https://www.lansweeper.com/forum/yaf_postst16153_7-Zip-Arbitrary-Code-Execution-Vulnerability-Check.aspx
updated according to Sylvie's suggestion!
1 ACCEPTED SOLUTION
caverna
Engaged Sweeper III
Sylvie wrote:
Hi,

Here is my report for this vulnerability:
  • avoid using substring and use replace instead --> legacy Adobe products taken into account
  • filter the softwarename directly within the Inner Join --> faster and avoid "Convert(Int,..." to be analysed first
  • add some exceptions to the filter : acrobat.com and %MUI% products


f*cking awesome!!!

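An added example, not part of the original posts: the report's Replace/Convert comparison against 1801120038, run over constructed version strings, with a guard so that strings that are empty, non-numeric or too long yield Null rather than a conversion error. The table variable, its sample values and the column names DotlessVersion and Result are assumptions, and T-SQL on SQL Server is assumed.

```sql
-- Constructed sample rows; the real report reads tblSoftware.softwareVersion.
Declare @Versions Table (softwareVersion nvarchar(50));
Insert Into @Versions (softwareVersion) Values
  ('18.011.20038'),   -- equal to the report's threshold
  ('18.011.20040'),   -- above the threshold
  ('11.0.23'),        -- legacy numbering with fewer digits
  ('22.003.20282'),   -- dotless value 2200320282 exceeds the Int maximum 2147483647
  ('9.5.5 beta'),     -- contains characters other than digits and dots
  ('');               -- empty version string

Select v.softwareVersion,
  n.DotlessVersion,
  Case
    When n.DotlessVersion Is Null Then 'check manually'
    When n.DotlessVersion <= 1801120038 Then 'reported'
    Else 'not reported'
  End As Result
From @Versions v
Cross Apply (
  -- Convert only strings made of digits and dots that fit in a BigInt;
  -- everything else becomes Null instead of failing the whole query.
  Select Case
    When v.softwareVersion <> ''
      And v.softwareVersion Not Like '%[^0-9.]%'
      And Len(v.softwareVersion) <= 18
    Then Convert(BigInt, Replace(v.softwareVersion, '.', ''))
  End As DotlessVersion
) n
Order By v.softwareVersion;
```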

10 REPLIES
Esben_D
Lansweeper Employee
Thank you for sharing!
