WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Macromedia Patches Flash Security Flaw
Attacker could use a specially formatted Flash file to gain control of a user's PC, security company warns.
Joris Evers, IDG News Service
A security vulnerability in the widely used Macromedia Flash player can allow an attacker to gain control over a user's PC, eEye Digital Security warned Monday.
A specially formatted Flash file can cause a header overflow in the Flash software, potentially giving an attacker control over a PC, eEye said in a security advisory. Exploiting an overflow flaw generally allows attackers to load malicious code onto a victim's system and to run that code.
To exploit the vulnerability, an attacker has to hand-edit the Flash file with a binary editor as the Flash authoring tool does not produce files that contain the vulnerability on its own, Macromedia said in a separate bulletin on its Web site.
Serious Situation
A corrupt Flash file could be placed on a Web site or sent to a user in an HTML e-mail. The vulnerability is serious because Flash is widely used on various operating systems and because vulnerable versions of the software are delivered as part of many software packages, said eEye, based in Aliso Viejo, California.
Affected are all versions of the Macromedia Flash Player prior to version 6.0.65.0, which was released late last week to fix the issue, Macromedia said. All users are advised to upgrade to the new version, the San Francisco-based company said.
EEye in the past year has found numerous vulnerabilities in Macromedia's Flash software. The overflow vulnerability reported Monday is similar to a bug in the Flash player discovered in August, but with variations in the modified Flash code written by the attacker, eEye said.
The eEye advisory is available online.
- Sponsored Resource:Improve your network with the right mix of features, performance and pricing.
- Sponsored Resource:Growing your business requires the right tools. Dell's networking servers can help.
- Sponsored Resource:Thinking about a new Laptop? Lenovo has models to meet everyone's needs.
- Sponsored Resource:Twitter: A how-to guide for using Twitter as a business tool.
- Sponsored Resource:Smartphone security threats are on the rise. Is it time to safegaurd your device?
Print 65% more pages than with refilled inks. Trust Original HP Inks. Hit Print Reliably.
Microsoft Office Home and Student 2007
Featured APC Accessories For Your System
10% Off Entire Cart at Online Store
-
APC Back-UPS ES Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
-
APC SurgeArrest Performance Highest level of protection for your professional computers, electronics and connected devices, as well as provides surge protection.
People who read this also read:
Best Prices on Antivirus Software
Norton AntiVirus 2009 (Full Product)Price: $14.84
VirusScan Plus 2009 - 3-User (Full Product)Price: $4.00
Anti-Virus 2009 (Full Product)Price: $17.85
VirusScan Plus 2009 (Full Product)Price: $4.00
McAfee VirusScan Plus 2008 (Full Product)Price: $3.23
Mcafee McAfee 2009 VirusScan Plus- 1 User Download Version (VSF09E001RKA)Price: $12.27
- 2007 Microsoft Office Suites Comparison This paper compares and contrasts four suites of the 2007 Microsoft Office system: Microsoft Office Standard 2007, Microsoft Office Professional Plus 2007, Microsoft Office Enterprise 2007 and Microsoft Office Ultimate 2007. This paper is intended to help organizations understand the applications and capabilities offered, and to identify the suite that best fits their needs.
- Windows Vista Migration: The Business Proposition It's not so much a matter of "if" but "when" for most organizations regarding migration to Windows Vista. Laying the groundwork now for this migration can yield higher ROI than waiting until later. This Computerworld Technology Briefing explains it all.
