|
Title: Adobe flash player 0day exploit Post by: blackazarro on May 27, 2008, 11:40:48 PM Ouch!, There's an 0day for Adobe flash player latest version and older. Currently there's no patch. Attackers are exploiting this in the wild. I can say this for a fact since for the past week or so, I've been monitoring a server hosted in China as part of an ongoing investigation in my company. The malicious site updates their malicious code almost daily and today I've noticed that they included what appears to be the new exploit for the Adobe flash player.
For example: hxxp://www.woai###.cn/4562.swf There's also seems to be a massive sql injection attack inserting malicious code that automatically redirect users without their consent to this malicious file or other similar swf files. So my friends be careful out there in cyberspace and don't visit untrusted websites. Update your anti-virus software and if possible I would suggest setting a killbit for the flash player or adding a rule to your perimeter devices to block swf files until there is an official patch. Also NoScript is your best friend. Additional info concerning this issue: http://isc.sans.org/diary.html?storyid=4465 http://isc.sans.org/diary.html?storyid=4468 http://www.securityfocus.com/bid/29386/info http://news.cnet.com/8301-10789_3-9952547-57.html?tag=nefd.top Title: Re: Adobe flash player 0day exploit Post by: blackazarro on May 27, 2008, 11:52:05 PM Response from Adobe: Quote Just a quick note to say we are aware of today’s report of a potential exploit involving Flash Player in the wild. We are working with Symantec to investigate the potential SWF vulnerability, and will have an update once we get more information. http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html Title: Re: Adobe flash player 0day exploit Post by: oneeyedcarmen on May 28, 2008, 09:32:20 AM Quote An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday. http://news.yahoo.com/s/pcworld/20080527/tc_pcworld/146343;_ylt=AoDpvH6PMVqX3dAPiZCtTFAjtBAF (http://news.yahoo.com/s/pcworld/20080527/tc_pcworld/146343;_ylt=AoDpvH6PMVqX3dAPiZCtTFAjtBAF) Title: Re: Adobe flash player 0day exploit Post by: blackazarro on May 28, 2008, 09:37:19 PM Quote On closer examination, this does not appear to be a "0-day exploit" For complete details refer to Sans in the following link: Followup to Flash/swf stories (http://isc.sans.org/diary.html?storyid=4474) Update from Adobe: Quote The exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). This exploit does NOT appear to include a new, unpatched vulnerability as has been reported elsewhere Full story: Potential Flash Player issue - update (http://blogs.adobe.com/psirt/) Title: Re: Adobe flash player 0day exploit Post by: don on May 29, 2008, 01:22:13 PM Nice update post on PC Mag by Larry Seltzer:
http://blogs.pcmag.com/securitywatch/2008/05/flash_vulnerability_update.php Don
Powered by SMF 1.1.7 |
SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com |