• On MovieTome: Megan Fox on TRANSFORMERS 2!
advertisementAT&T Tech Support 360
May 27, 2008 10:46 AM PDT

Adobe Flash exploit raises concern

Posted by Robert Vamosi

Update 11:10 a.m. May 30: Despite earlier reports, version 9.0.124.0 of Adobe Flash Player has no new bugs. For the latest news, click here.

Legitimate Web sites hosting Adobe Flash Player content may be compromised to embed JavaScript that redirects users to a Chinese malware server, says Symantec. Affected versions of Adobe Flash Player include 9.0.124 .0 (latest version) and 9.0.115.0.

Symantec says that under certain conditions embedded JavaScript within the player will redirect users to dota11.cn. In an alert on Tuesday, Symantec said specific details about the vulnerability exploited were unknown, and initial testing of the in-the-wild exploit showed it to be unreliable. Nonetheless, Symantec said it had identified at least one commercial site, www.bridgettwalther.com, which is a horoscope Web site, but that the embedded malicious code has since been removed.

More details available here.

Symantec recommends that users use script-disabling plug-ins such as NoScript for Firefox to prevent embedded Flash scripts from being loaded.

Topics:

Browsers and extensions,

Security

Tags:

security,

Adobe Flash,

Symantec,

Javascript

Bookmark:
Digg
Del.icio.us
Reddit
Recent posts from Defense in Depth
High-tech bank robbers phone it in
How 'carders' trade your stolen personal info
Anatomy of a botnet
Column: Raising Cain at Black Hat
Black Hat 2008: Notes from the field
Add a Comment (Log in or register) 2 comments
by Jjesse285 May 27, 2008 9:38 PM PDT
One would think that one would be fair about being "behind" I alway know that this was a bugs in the software but you get used it.
Reply to this comment
by Jjesse285 May 27, 2008 9:39 PM PDT
One would think that one would be fair about being "behind" I alway know that this was a bugs in the software but you get used it.
Reply to this comment
Powered by Jive Software
advertisement
Resource center from News.com sponsors
You Need The Speed of Norton 2009
Introducing Norton Internet Security™2009

Click Here!
With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

Click Here!
The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.

Add this feed to your online news reader

Defense in Depth topics

Featured blogs

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
Best hybrid cars
Cell phones
Dell
GPS
CNET sites
CNET TV
Downloads
News
Reviews
Shopper.com
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET