New Adobe Flaw Being Used in Attacks :Beware of Hacking [Tech News]
Page 1 of 1
New Adobe Flaw Being Used in Attacks :Beware of Hacking [Tech News]
Valampuri Thu May 29, 2008 9:56 am
An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday.
ADVERTISEMENT
Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web pages. The flaw affects both the recently released Flash Player version 9.0.124.0 and version 9.0.115.0, according to an advisory posted Monday to Symantec's Security Focus Web site.
The flaw lets attackers run unauthorized software on the PC, and if the attack fails for some reason it will likely crash the browser, Security Focus said. Symantec is not aware of any vendor-supplied patches for the flaw, the advisory states.
Flash bugs have lately been a favorite of attackers. Adobe last month patched seven bugs in Flash Player, including the one that allowed hacker Shane Macaulay to win a laptop and US$5,000 for hacking into a Windows Vista machine in a March contest at the CanSecWest security conference.
In January, Adobe and other Web-development-tool vendors had to fix bugs in their development tools that created buggy Shockwave Flash (.swf) files that could be exploited in a cross-site scripting attack. This attack can be used by phishers, but it also gives the bad guys a nearly undetectable route into a victim's bank account or almost any type of Web service.
ADVERTISEMENT
Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web pages. The flaw affects both the recently released Flash Player version 9.0.124.0 and version 9.0.115.0, according to an advisory posted Monday to Symantec's Security Focus Web site.
The flaw lets attackers run unauthorized software on the PC, and if the attack fails for some reason it will likely crash the browser, Security Focus said. Symantec is not aware of any vendor-supplied patches for the flaw, the advisory states.
Flash bugs have lately been a favorite of attackers. Adobe last month patched seven bugs in Flash Player, including the one that allowed hacker Shane Macaulay to win a laptop and US$5,000 for hacking into a Windows Vista machine in a March contest at the CanSecWest security conference.
In January, Adobe and other Web-development-tool vendors had to fix bugs in their development tools that created buggy Shockwave Flash (.swf) files that could be exploited in a cross-site scripting attack. This attack can be used by phishers, but it also gives the bad guys a nearly undetectable route into a victim's bank account or almost any type of Web service.
Valampuri- Number of posts : 79
Age : 36
Registration date : 2008-04-11
Similar topics» You Tube launches its Indian version ! [Tech News]
» Intel Delays Centrino 2 Launch [Tech News]
» Internet Full of 'Black Holes' [Tech News]
» Do a Cloud Scan for Malware and Try for a Prize [Tech News]
» Latest Ratings of Top 10 Anti-Virus Softwares [Tech News]
» Intel Delays Centrino 2 Launch [Tech News]
» Internet Full of 'Black Holes' [Tech News]
» Do a Cloud Scan for Malware and Try for a Prize [Tech News]
» Latest Ratings of Top 10 Anti-Virus Softwares [Tech News]
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum