Latest Flash security hole plugged, says Adobe
Wednesday, December 9, 2009
Adobe's online media architecture and an associated program have been cured of their latest ills, which included six possible remote code execution vulnerabilities and one privacy flaw that targeted the Flash player's ActiveX control.
ZDNet's Ryan Naraine reports that the Flash 10.0.42.34 update fixes all seven possible vulnerabilities in the online Flash player and the Adobe AIR 1.5.3 patch does the same for that program. Naraine says that nearly all computer users are vulnerable to Flash-based exploits, so widespread is Adobe's product.
The vulnerabilities were based on several errors in the Flash framework's code, including one targeting JPEG parsing data, another that enables data injection, and several more that target the standard buffer overflow and memory corruption loopholes present in most exploitable programs.
Users wishing to protect their data security should download and install both patches, experts say, since some of the vulnerabilities are relatively easy to exploit, and could lead to complete takeovers of affected machines. Adobe Acrobat is another of that company's products that has been targeted by online criminals and used for the distribution of malware.
Related News:
Cyber criminals exposed medical records - 3.8.2010
More than 18,000 patients, whose medical information is stored on the computer systems of five doctors in Torrance, California, were potential victims of identity theft in September when cyber criminals penetrated the doctors' networks, according to the Los Angeles Times.
McAfee advises companies to boost web security relating to source code - 3.4.2010
At the RSA Conference, currently taking place in San Francisco, McAfee released a report indicating that companies regularly use too few web security protocols when protecting intellectual property such as source code.
False social networking attacks provides teachable moment for web security - 2.25.2010
A unique tool developed to prevent the spread of malware from social networking websites has been recommended Processor.com, a web and network security news provider.
With global web security under siege, exports point to problems - 2.25.2010
In 2009, Garlik, a United Kingdom-based web security company, reported a 207 percent increase in malware use to overtake bank accounts. Recent events have also shown vulnerability in corporate, private and governmental web security systems.
Kaspersky reports malware growing more sophisticated - 2.24.2010
Kaspersky, a web security provider, reported Wednesday that while there is very little growth in the amount of malware currently roaming the web, it is becoming more advanced and much harder to detect.
|
