Newsletters

Select newsletters below and click the button to sign up!

Boston News NY News
DC News Internet Daily
SiliconValley News
InternetNews Business Report




Become a Marketplace Partner


Partner With Us


Internetnews Bloggers

Recent Entries

Archives

April 2009
Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30    

Monthly Archives

Search The Blog

Netstat -vat by Sean Michael Kerner (bio)

A command line view of IT



Adobe's Flash Hit by Zero Day Exploit (nope)

By Sean Michael Kerner on May 27, 2008 5:41 PM
flashplayer.jpgFrom the 'be afraid be very afraid' files:

*UPDATED** There is a security exploit in the wild for Adobe's Flash player for which there is currently no patch - yes folks it's a bona fide zero day exploit. (*see update at end of post - this report has now been revoked by the security reporting agencies**)

According to a report on Security Focus (they run the Bugtraq mailing list):
An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Wait it gets better.

The Internet Storm Center (ISC) is now reporting malicious sites in the wild that are actively exploiting the issue. ISC handler Adrien de Beaupre provides gory detail on how one particular site is using the flaw by way of a jpg image.

The latest update from Security Focus alleges that the issue is widespread with malicious code being injected into approximately 20,000 web pages.
Malicious code is being injected into other third-party domains (approximately 20,000 web pages), most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.
This is no trivial exploit -  let's hope that Adobe does the right thing and gets this issue resolved ASAP.

**UPDATE MAY 29 ** Looks like this wasn't a zero day after all. Secunia and ISC SANS are now revoking earlier claims and noting that the issue was already known. According to Adobe :
This exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). We strongly encourage everyone to download and install the latest Flash Player update, 9.0.124.0.
While initial reports seemed to indicate that 9.0.124.0 was at risk ISC handler Jim Clausing notes that is not the case:
We have yet to see one of these that succeeds against the current version (9.0.124.0), if you find one that does, please let us know via the contact page.

| Comments (1) | TrackBacks (0) | Share

Tags:

0 TrackBacks

Listed below are links to blogs that reference this entry: Adobe's Flash Hit by Zero Day Exploit (nope).

TrackBack URL for this entry: https://swarm.jupitermedia.com/mt-tb.cgi/3569

1 Comments

Adrien said:

We aren't certain yet is the vulnerability being exploited is in fact previously unknown (0day) or has in fact already been disclosed.

May 28, 2008 11:25 AM

Leave a comment