and let's have a look at the CERT notes for the exploit:
A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.
So in summary...
- you have to download the PDF
- you have to open the PDF
- the vulnerability is multi-platform, including Mac OS X
How would this flow in the real world... on a typical Windows system these are your security mechanisms in order of prevention:
- AV signature spots malware and isolates download
- AV prevents execution from TEMP directory
- DEP prevents exploit (Win XP SP2 on)
- UAC prompts user for app installation
On a typical Mac system:
- DEP prevents exploit
- user prompted for app installation
The last two mechanisms are debatable though. DEP on Safari has proven easy to circumvent (
http://appleheadlines.com/2011/03/10/apple-safari-browser-gets-hacked-in-5-seconds/ ) and I'm sure the same applies for other OSes (these guys reckon they can get past Chrome easily) - and users... well, no explanation necessary.
So... as I already noted, the exploit is not as silent at getting into the system as you think, and it is exploitable on an OS X system, which typically has fewer security mechanisms in place to prevent infection.
