World of Warcraft

New exploits target Adobe Flash Player

Posted Sep 17, 2008 by Merah

Post your Comment (10)

WoWinsider posted an interesting blog entry about a 0day flash player exploit actually hitting:

According to reports, a new wave of exploits has appeared taking advantage of a vulnerability Adobe Flash Player. Allegedly over 200,000 web sites now have redirects to malware, including keyloggers, through embedded Flash. And we all know how evil keyloggers can be. Flash Player 9.0.115.0 appear to be the affected version.

source

The Flash Player 9.0.115.0 is the affected version, you can know which version you are running by using this Adobe link

To note that the version 9.0.124.0 supposed to be patched may still be exploited in a few cases like the linux version nor windows version with debug player ON. If you want to be fully safe, completely uninstall Adobe Flash Player for the moment.

Some technical reference links:
Sans
SecurityFocus
Adobe security advisories

, , , ,
Share On:
  • Comments

Add Comment  

Add

You need to login or register to post.

Benefits of Registration

  • Interact with hundreds of thousands of other gamers on an open social network.
  • Post your stories, news, images, videos, and other content to share.
  • Create a network with your fellow gamers or join an existing one.
  • Gain reputation for everything you do.
 
  • sup2069 said 
    Wed, May 28 2008 10:07 PM ()

    just updated, had that exploitable version. UPDATE NOW!

    Report Permalink
  • Kody said 
    Wed, May 28 2008 10:07 PM ()

    Thanks for passing this info on!

    Report Permalink
  • Merah said 
    Wed, May 28 2008 10:07 PM ()

    I have updated the news with links having the technical details about this vulnerability if you would like to know much about it. To note that 9.0.124.0 is also noted affected so pay attention to a new flash player version probably coming very soon.

    Remember that's a 0day, no CVE entry, in other words this is a vulnerability on which Adobe hasn't been informed and of course everyone else so be careful even with that supposed 9.0.124.0 patched version.

    Report Permalink
  • icravecookies said 
    Wed, May 28 2008 10:07 PM ()

    Ouch, i also had said version, time to scrub my computer again...

    Report Permalink
  • Bilgerat987 said 
    Wed, May 28 2008 10:06 PM ()

    Thanks for the info. My question is this - Is there a 'safe' version that I can d/l? ...and, where do I find that version?

    Report Permalink
  • Nevermindz said 
    Wed, May 28 2008 10:06 PM ()

    You can download the latest version here : http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash

    Report Permalink
  • Heydan said 
    Wed, May 28 2008 10:06 PM ()

    How about a big *** you to wow security levels,a tad tired of reading about keyloggers and possible threats,piss of ye?:) kty

    Report Permalink
  • Exry said 
    Wed, May 28 2008 10:06 PM ()

    Ok, I didn't really get it.

    is the GNU/Linux version of flash affected? :/

    Report Permalink
  • Merah said 
    Wed, May 28 2008 10:06 PM ()

    Yes to resume globally all version are vulnerable yet , it may be harder to exploit the 9.0.124.0 but this version is reported vulnerable so if you really care for your security the only best patch you can add for now is to completely uninstall Flash player and waits for a version > but not equal to 9.0.124.0

    Report Permalink
  • Merah said 
    Wed, May 28 2008 10:06 PM ()

    Yes to resume globally all versions are vulnerable yet , it may be harder to exploit the 9.0.124.0 but this version is reported vulnerable so if you really care for your security the only best patch you can add for now is to completely uninstall Flash player and waits for a version > but not equal to 9.0.124.0, according to news security sites it's an old known Flash vulnerability that has not been patched correctly and so on, all actual versions are at risk.

    Posting Tech details link there because the Curse's News editor is bugged a lot there, it does not apply "Edit" changes and it is always reverting back to the original news paper some seconds after editing:

    //EDIT: looks like stabler via cursebeta.com

    Adobe security advisories
    Sans
    SecurityFocus

    Report Permalink
  • 1 page(s)
  • Syndication
  • Recent Posts
  • Tags
  • Archives