Guest Posted July 23, 2009 Share Posted July 23, 2009 (edited) Online criminals are targeting a previously unknown vulnerability in the latest versions of Adobe's ubiquitous Flash Player that allows them to take complete control of end users' computers, security researchers warn.http://www.theregister.co.uk/2009/07/22/ad...ttacks_go_wild/And indeed, when tested with Internet Explorer and the latest Flash player (version 10), the exploit silently drops a Trojan and works "as advertised". Another interesting thing I noticed is that the Trojan, which is downloaded in the second stage, is partially XOR-ed – the attackers probably did this to evade IDSes or AV programs scanning HTTP traffic. At the moment, the detection for both the exploit and the Trojan is pretty bad (only 7/41 for the Trojan, according to VirusTotal).http://isc.sans.org/diary.html?storyid=6847yikes Edited July 23, 2009 by -X- Link to comment Share on other sites More sharing options...
CoffeeFiend Posted July 23, 2009 Share Posted July 23, 2009 Adobe makes some of the absolute very best apps out there, for content creation (Photoshop, Bridge, ACR, Lightroom and so on). I mean, amazing, top-notch apps, but when it comes to security... They still have some work to do. Link to comment Share on other sites More sharing options...
Guest Posted July 30, 2009 Share Posted July 30, 2009 Looks like the finally fixed it.http://www.msfn.org/board/index.php?showtopic=136553http://get.adobe.com/flashplayer/ Link to comment Share on other sites More sharing options...
rwycuff Posted August 30, 2009 Share Posted August 30, 2009 adobe will never be fixed use anothe pdf viewer that does not have netwokring features and you will be fine Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now