The Digital Rag
Real World Information in a Virtual World
Sign Up!
Login Welcome to The Digital Rag
Wednesday, February 08 2012 @ 04:28 AM PST

Adobe Flash Player - still being exploited

Sunday, June 01 2008 @ 05:19 PM PDT

Contributed by: Richard Pitt

Newsletter Postings

I read a bulletin from the Internet Storm Center http://isc.sans.org/diary.php?storyid=4465 a couple of days ago about the fact that there are active exploits (nasty advertising links and videos) already on the net for a vulnerability that has just surfaced with all current and previous versions of Adobe's flash player.

It turns out this is an old attack and that the affected player versions are still being used by many people. You should check your IE and Firefox (and other) browsers separately for the version of the Adobe flash player they use. This can be done by browsing to this address: http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_15507

In my case my Firefox on Linux is 9.0.124.0 - which is the correct/latest one - my Windoze box is down for the count after a power burp a couple of days ago - but I'll check it as soon as I have it back up. It's a good thing I don't rely on Windows eh???


This is a good time to stay away from web sites where you might encounter "3rd party" advertising - that is advertising that originates with somebody that is not directly affiliated with the site's master advertising provider (Google, Yahoo, MSN, etc.)

I'll note here that Google has just started accepting applications for 3rd party hosted ads, but they are vetting the advertisers heavily and won't allow just anybody to join them in this way.

The reason for staying away from sites with 3rd party ads is that the "bad uglies" can create such an ad and have it hosted, complete with their compromised flash designed to turn your PC into one of their zombies and add it to their 'bot net.

Until Adobe brings out the update - and YOU INSTALL IT!!!! you should be concerned about what sites present flash ads and videos to you - and this means the majority of sites.

As I write this, Symantec is saying that something in excess of 20,000 web sites have been infected with links to flash files that arecompromised.

I'll note in passing that so far this does not seem to be a problem with GNASH - the open source flash player :)

Story Options

What's New

Stories

No new stories

Comments last 2 days

No new comments

Trackbacks last 2 days

No new trackbacks

Older Stories

Thursday 15-Sep


Saturday 10-Sep


Tuesday 30-Aug


Saturday 20-Aug


Thursday 18-Aug


Sunday 14-Aug


Thursday 04-Aug


Tuesday 02-Aug

?

Ads by Clickochet

G+ Public Posts

There was a problem reading this feed (see error.log for details).
?

G+

?

Facebook Page

RSS Feed

Richard's Digital Rag

Poll

How do you like to find out news about the internet and computers?

  •  Newspaper
  •  Radio
  •  TV
  •  Web Search
  •  Favourite Web Site(s)
  •  Pod Cast
  •  Video Online
  •  Email List(s)
  •  RSS - Syndication
  •  Word of mouth
This poll has 0 more questions.
Results
Other polls | 28 votes | 0 comments