Viruses/Worms News

Snow Leopard includes malware-vulnerable Adobe Flash version

Thursday, September 3, 2009

Web security firm Sophos reported yesterday that Apple's new Snow Leopard operating system ships with an older version of Adobe Flash Player that is unpatched and vulnerable to cyberattacks. Adobe is warning Snow Leopard users to upgrade to the latest version.

Sophos senior technology consultant Graham Cluley wrote on his blog that Snow Leopard comes with version 10.0.23.1, which is known to have security vulnerabilities. The latest version of Flash Player for Mac is 10.0.32.18.

"Mac users are not informed that Snow Leopard has downgraded their version of Flash without permission and that they are now exposed to a raft of potential attacks and exploits which have been targeted on Adobe's software in recent months," Cluley said in the blog post.

Research from security firm Trusteer shows that almost 80 percent of internet users are still running unpatched versions of Flash, which the company called "the biggest security hole on the internet today," in a white paper last month.

Security researchers have discovered exploits of a Flash vulnerability that could infect PCs with Trojan malware when users open a maliciously crafted Adobe Acrobat PDF file, which caused Adobe to rush a security updates for Flash Player, Acrobat and Reader.

Sophos has identified Flash-exploiting malware embedded in Microsoft Excel files and predicts malware authors will use PowerPoint and Word to spread Flash-based attacks.
ADNFCR-1765-ID-19344369-ADNFCR

Related News:

Researchers: Malware attackers reloading for Windows 7 assaults - 11.20.2009
A report issued yesterday by computer security firm Symantec says that hackers are undoubtedly reworking their malicious software to target Windows 7 as more users switch to the latest version of Microsoft's flagship OS.

Want to secure your iPhone against intruders? There's an app for that - 11.20.2009
Cisco Systems today released a free iPhone app that will allow users to receive security updates and the latest news on web threats, as well as aggregating additional security related content for iPhone users.

Microsoft says 64-bit versions of Windows are harder to infect - 11.19.2009
Members of Microsoft's security team write that 64-bit editions of Windows are much less susceptible to malware attacks, but outside experts caution that 64-bit malware could be the next big thing in cyber crime.

Google coming down hard on malicious advertisers - 11.18.2009
Search giant Google has said that it will lay down the law where scam artists and malvertisers are concerned: Permanent bans will be the result of any fraudulent activity on the company's AdWords service.

If at first you don't succeed: Most malware protection fails first round of certification testing - 11.17.2009
A study performed by security testing and research firm ICSA Labs says that almost four out of five computer security products fail their first certification tests and need to be retooled for a second and sometimes a third attempt.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now