ALERT: Adobe Flash Player SWF File Unspecified Remote Code Execution Vulnerability

Affected versions are 9.0.124.0 and 9.0.115.0.

The best analysis that I've seen so far is at SecurityFocus:
http://www.securityfocus.com/bid/29386/info

The frightening thing about this alert is that the vulnerability is being actively exploited. Tens of thousands of web sites have been compromised (Symantec/SecurityFocus believe this is happening via SQL injection), and those compromised sites are being used to redirect visitors to other sites that host malicious Flash files.
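The injected-redirect pattern described above (a compromised page pulling a script, a hidden frame or a SWF from a third-party host) is what a site owner or responder would want to check their own pages for. The Python below is an added example, not code from the original post and not Symantec or SecurityFocus tooling; the HTML it scans is constructed for illustration, and the `bad.example` host and the `find_suspicious_refs` helper are assumptions, not indicators from the alert.

```python
"""Triage helper: find page content pulled from a host other than the site's own.

Added example, not from the original post. The injected markup in SAMPLE_HTML
is constructed for illustration; bad.example is a placeholder host.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tag -> attribute(s) that can load a remote resource into the page. For
# <param>, only name="movie" (the classic SWF pointer inside <object>) counts.
_REF_ATTRS = {
    "embed": ("src",),
    "object": ("data",),
    "param": ("value",),
    "iframe": ("src",),
    "script": ("src",),
}


class _RefCollector(HTMLParser):
    """Collect (tag, url) pairs from the tags listed in _REF_ATTRS."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)  # HTMLParser lowercases tag and attribute names
        if tag == "param" and (attrs.get("name") or "").lower() != "movie":
            return
        for name in _REF_ATTRS.get(tag, ()):
            url = attrs.get(name)
            if url:
                self.refs.append((tag, url.strip()))


def find_suspicious_refs(html, site_host):
    """Return references that load a .swf, a script or an iframe from a host
    other than site_host. Relative and same-host URLs are ignored: the campaign
    described in the post plants pointers to attacker-controlled hosts."""
    parser = _RefCollector()
    parser.feed(html)
    parser.close()
    site_host = site_host.lower()
    hits = []
    for tag, url in parser.refs:
        parsed = urlparse(url)
        host = parsed.hostname or ""  # .hostname is lowercased and port-free
        if not host or host == site_host:
            continue
        if tag in ("embed", "object", "param"):
            if parsed.path.lower().endswith(".swf"):
                hits.append({"tag": tag, "url": url, "reason": "external swf"})
        else:
            hits.append({"tag": tag, "url": url, "reason": "external " + tag})
    return hits


# Constructed sample: a legitimate page with an injected block appended.
SAMPLE_HTML = """
<html><body>
<h1>Welcome</h1>
<script src="/js/site.js"></script>
<object data="/media/intro.swf" type="application/x-shockwave-flash"></object>
<!-- everything below is constructed to resemble an injected payload -->
<script src="http://bad.example/x.js"></script>
<iframe src="http://bad.example/r.html" width="0" height="0"></iframe>
<object type="application/x-shockwave-flash">
  <param name="movie" value="http://bad.example/e.swf">
  <embed src="http://bad.example/e.swf" type="application/x-shockwave-flash">
</object>
</body></html>
"""

if __name__ == "__main__":
    for hit in find_suspicious_refs(SAMPLE_HTML, "www.example.com"):
        print(f"{hit['reason']:15s} <{hit['tag']}> {hit['url']}")
```

The "external host" heuristic is a triage filter, not a verdict: pages that legitimately load scripts or SWFs from a CDN will show up too, so review the hits against the site's known third-party hosts before treating a page as compromised.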

At the time of writing there is no vendor patch, workaround or official advisory.  If you're using Firefox, install a copy of NoScript for its script and Flash blocking abilities.  If you are using Internet Explorer, get yourself a copy of IE7Pro, which includes an ad blocker and a Flash blocker (note: be careful with the maximum connections per server setting - I have seen that setting break some web sites, especially banking sites).

Or, simply uninstall Flash.


Published Wed, May 28 2008 15:14 by sandi

Comments

# re: ALERT: Adobe Flash Player SWF File Unspecified Remote Code Execution Vulnerability

Wednesday, May 28, 2008 4:52 AM by Bob Clark

Any idea if the new beta version (10.0.1.218 IE) of Adobe Flash Player is vulnerable to this also?

# re: ALERT: Adobe Flash Player SWF File Unspecified Remote Code Execution Vulnerability

Wednesday, May 28, 2008 7:58 PM by Name Game

It appears to be retracted and current versions of Flash are not vulnerable.

www.dslreports.com/.../r20549819-Attack-code-targets-new-Adobe-Flash-vuln