|
-
November 7th, 2005, 03:25 PM
#1
Macromedia Flash Critical Vulnerability
Macromedia Flash has critical vulnerability
People using Flash should check to see if they need to upgrade to avoid being compromised
Internet Explorer and Opera users have been urged to upgrade to protect against a newly discovered flaw.
The vulnerability, in Flash Player version 7.0.19.0 and earlier, could allow a hacker to compromise a user's PC.
Macromedia confirmed the existence of the flaw, which it classified as critical, on Friday afternoon. It recommends the users upgrade to version 8.0.22.0.
"There was a problem with bounds validation for indexes of certain arrays in Flash Player 7 and earlier, thus leaving open the possibility that a third party could inject unauthorised code that would have been executed by Flash Player," Macromedia warned.
To see more details on the vulnerability, and download the updated version, click here. Security firm Secunia also classifies the vulnerability as highly critical.
"The Flash Player plug-in is used by more people than [just those using] Internet Explorer," said Thomas Kristensen, Secunia's chief technical officer. According to Secunia, only those who use the IE and Opera Web browsers are vulnerable to the Macromedia flaw, since other browsers, such as Firefox, do not include Flash player in their default set-up.
Kristensen added that he was surprised that Macromedia had issued the patch on Friday afternoon, as many potential victims might have been returning home and not learned about the problem until Monday, or later.
"The bad guys have had a whole weekend to write exploits," Kristensen said.
eEye Digital Security, a research firm, says it told Macromedia about the existence of the flaw on 27 June.
Liam
Desktop:I5 2500K|Asus P8Z68-V|8GB Corsair Vengeance|1280MB Nvidia 560 TI PE|1TB Seagate/60GB OCZ SSD|LG Blu-ray Writer|Corsair 750W
27" iMac:I5 2500S|12GB Crucial DDR3|ATI 1GB 6970|1TB|Superdrive|Mighty Mouse 
-
November 7th, 2005, 04:18 PM
#2
You can tell what version of FlashPlayer you have installed by going to this site
http://www.macromedia.com/software/flash/about/
You will have to allow ActiveX controls to run for the site to work.
Jim
WIN7 Ultimate SP1 64bit, IE 11, NTFS,
cable, MS Security Essentials, Windows 7 firewall
-
November 8th, 2005, 05:44 AM
#3
 Originally Posted by liam858
According to Secunia, only those who use the IE and Opera Web browsers are vulnerable to the Macromedia flaw, since other browsers, such as Firefox, do not include Flash player in their default set-up.
But surely anyone who installs Flash on Firefox would be vulnerable as well?
Safe computing is a habit, not a toolkit.
-
November 9th, 2005, 10:34 PM
#4
Originally Posted by Tuttle
But surely anyone who installs Flash on Firefox would be vulnerable as well?
I'm running FF and I'm not going to wait to find out,I'll update ASAP .Oh yeah "and stop calling me surely" . { I loved Airplane }
Win 7
Asrock Z68 Extreme3 Gen3
I5 2500k @4ghz
8Gb DDR3 2133Mhz
Crucial M4 128Gb SataIII SSd
Sapphire Radeon 6870
Samsung 931bf 19" LCD
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
