A new vulnerability, already exploited by crackers, you create Flash animations poisonous. The update is not ready yet, but it will come soon.
By security advisories APSA11 -01, Adobe reported Monday night that there is a flaw in danger critical traced in the code the ubiquitous Flash Player . To leverage
defect, a cracker can prepare a web page containing an animation, with specially designed that, once opened on the victim's computer, would have the ability to unleash the ' execution of arbitrary code. This would allow
attacker to install viruses, backdoors and other assorted malware system, assuming, in some circumstances, full control over the Internet.
are at risk virtually all versions of the program : from 10.2.152.33 to the latest build of the old 1.10 branch, through the intermediate release.
To find out which iteration is present on the system simply link to this page and read the information in the Version Information box this right.
The bug affects both builds for Windows, both for Mac, Linux, Solaris and Android. It is also plagued the edition integrated into Google Chrome , although it is likely that the sandbox in which the plugin is isolated may be able to prevent the operation of an exploit.
Adobe Product Security Incident Response Team (PSIRT) stated that it is not just a theoretical danger, but a flaw already being actively used to bring targeted attacks. Currently, the carrier has chosen a Microsoft Excel (. Xls) that contains the malformed SWF animation.
The package is then distributed to victims via e-mail.
L ' company is currently finalizing a new release of Flash Player purged from the problem. The final byte will be made available to the public during the week of Monday, March 21.
Meanwhile, more cautious users will want to uninstall the or at least disable it by acting between the web browser options chosen.
In light of the fact that Adobe Reader X is not in immediate danger, the company has decided to postpone the release updated version of the next round of quarterly update, scheduled for June 14.
defect, a cracker can prepare a web page containing an animation, with specially designed that, once opened on the victim's computer, would have the ability to unleash the ' execution of arbitrary code. This would allow
attacker to install viruses, backdoors and other assorted malware system, assuming, in some circumstances, full control over the Internet.
are at risk virtually all versions of the program : from 10.2.152.33 to the latest build of the old 1.10 branch, through the intermediate release.
To find out which iteration is present on the system simply link to this page and read the information in the Version Information box this right.
The bug affects both builds for Windows, both for Mac, Linux, Solaris and Android. It is also plagued the edition integrated into Google Chrome , although it is likely that the sandbox in which the plugin is isolated may be able to prevent the operation of an exploit.
Adobe Product Security Incident Response Team (PSIRT) stated that it is not just a theoretical danger, but a flaw already being actively used to bring targeted attacks. Currently, the carrier has chosen a Microsoft Excel (. Xls) that contains the malformed SWF animation.
The package is then distributed to victims via e-mail.
L ' company is currently finalizing a new release of Flash Player purged from the problem. The final byte will be made available to the public during the week of Monday, March 21.
Meanwhile, more cautious users will want to uninstall the or at least disable it by acting between the web browser options chosen.
In light of the fact that Adobe Reader X is not in immediate danger, the company has decided to postpone the release updated version of the next round of quarterly update, scheduled for June 14.
0 comments:
Post a Comment