Wednesday, May 28, 2008 3:20 PM
cmosby
Flash Player Exploit Update 2 - McAfee
Flash Player Exploit Update 2
Wednesday May 28, 2008 at 9:55 am CST
Posted by Craig Schmugar
Trackback
Last night our researchers identified similarities between the recent Adobe Flash exploits and a known (patched) vulnerability: CVE-2007-0071. At first, this appeared to close the case, but there was a report of a patched version of Flash falling victim to one of these attacks, and we’ve seen an SWF file referencing a missing file named WIN 9,0,124,0i.swf, which also suggests that the latest version of Flash is the target of that file.
The exploits that we have captured from the field do not appear to exploit the latest version of Flash. We continue to hunt for missing 9,0,124 exploits and will post an update should one be discovered. In the meantime, it’s best to update to the latest player, if you haven’t yet done so.
Filed under: Security and Anti-Virus, Internet Hacks, Internet Applications, Spam\Phishing, Cybercrime, Software Vulnerabilites