Thursday, September 16, 2010

Adobe Announces New Flash Vulnerability

Adobe Systems has recently disclosed a vulnerability in their Flash Player 10.1.82.76 for Windows, Mac, Linux and Solaris. The vulnerability allows the execution of code from a specially crafted PDF or Flash file. Adobe mention that they have seen this being actively exploited.

Put simply, this type of vulnerability could see you become infected with a keylogger simply by browsing a web site that has been compromised. We have seen WoW keyloggers installed via this type of Adobe vulnerability before in June and February.

Adobe has not released a patch for this as yet, but plan to have something available during the week of September 27.

You can reduce the chance of becoming subject to this attack by patching your flash player as soon as a patch is released and by running a PDF/flash blocker such as noscript in the meantime.

You can find more information on this at the Adobe Security Advisory site.

No comments:

Post a Comment