Posted on 11/08/2005 9:07:40 AM PST by ShadowAce
Security researchers have discovered a vulnerability in Macromedia's Flash Player that creates a mechanism for hackers to attack the PCs of users running the popular application. The security bug - described as critical - affect Macromedia Flash Player 6.x and 7.x. Macromedia has issued security updates.
The flaw stems from a failure to reject malformed SWF files as invalid. This bug might be exploited by using specially crafted (malformed) SWF file to execute arbitrary code on the machines of users induced into visiting sites under the control of hackers.
Flash Player version 7.0.19.0 and prior on the Windows platform, and in versions prior to 7.0.25.0 on Unix, are reportedly vulnerable. Users are advised to upgrade to Flash Player 8 (8.0.22.0) or apply a Flash Player 7 update (7.0.61.0 or 7.0.60.0) in order to guard against possible attack. An advisory from Macromedia explaining the security glitch can be found here. The bug was independently discovered by Fang Xing of eEye Digital Security (advisory here) and Bernhard Mueller of SEC Consult (advisory here). ®
Yup--the more you block, the better off you are. With AdBlock, 95% of everything out there never reaches my machine.
Whether you want Flash on your computer is one issue; but if you have it, this problem was fixed when Flash 8 was released, quite some time ago.
Macromedia : You got pwnt.
PWND BY TEH L337 HAX0RZ!!
"PWND BY TEH L337 HAX0RZ!!"
alright now, this is not the usenet stop it with the cripted stuff. i hate reading that crap.(grin)
where am i? slashdot?
no, if we were at slashdot you would hear 50 posts how somehow this is bush's fault. i love the tech stuff but good god the moonbats over there are LOONS!!!!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.