Zero Day: Virus Attacks Adobe Flash
While ISC has not upped the threat level yet, some 20,000 web servers have been hit with a code injection that leads to a zero day flaw in adobe flash, providing total ownage of your computer.
Reports of the zero day on Adobe Flash Player versions 9.0.124.0 and older meaning current version and older are getting some traction this morning. The drive by down load has been verified, and while it is still early, this could promise to be a bad day for clean up efforts because the wide distribution of flash, and the known web sites that are vulnerable to a SQL code injection attack are many.
This threat should be considered very serious because of the widespread distribution that Adobe Flash enjoys on the Windows ecosystem. If this exploit gets seeded on high-traffic Web sites, we could be in for a long clean-up operation. Source: Zdnet
Right now not much is known about the method, but odds are highly likely that adobe is on this one and if they issue a patch today, make sure you update your computers with the new version. The use of flash streaming, flash advertising, and flash everything else on the Internet is fairly common. This would also not be the first time that flash has been found to have an issue that has the potential to impact hundreds of thousands of computers.
Post a Comment