solarbird: (pindar-most-unpleasant)
[personal profile] solarbird
If you are unaware of this recently published Adobe Flash Player exploit, you need to update your version of the player in all browsers on all operating systems now. Here is Adobe's support bulletin, which includes instructions on how. This is not just a Windows exploit, or an Internet Explorer exploit; it exists in all versions of Flashplayer and allows execution of arbitrary code. So far, only demonstration code is known to exist, so you have a window of opportunity to get your systems patched before Russian mobsters are p0wning your box.

If you don't know whether you have Flash player installed, you almost certainly do. If you've ever been to Homestar Runner to read Strongbad Email, for example, and seen anything at all, you have Flash player.

Date: 2008-04-17 12:56 am (UTC)
From: [identity profile] darkphoenixrisn.livejournal.com
Thanks for letting me know. I just updated.

Date: 2008-04-17 01:01 am (UTC)
maellenkleth: (Default)
From: [personal profile] maellenkleth
dank u vell, mevrou!

eta: oh heh? would it be okay to borrow that snaggle-tooted icon?
Edited Date: 2008-04-17 01:22 am (UTC)

Date: 2008-04-17 12:16 pm (UTC)
maellenkleth: (Default)
From: [personal profile] maellenkleth
oh, oh, OH.

thank you very much. as çayani sriþun go you are definitely okay.

Date: 2008-04-17 01:07 am (UTC)
ext_24913: (Default)
From: [identity profile] cow.livejournal.com
This'll be bonus fun on things like the Wii...

Date: 2008-04-17 01:10 am (UTC)
ext_3294: Tux (Default)
From: [identity profile] technoshaman.livejournal.com
oh, jeez, has that thing got a Flash player in it?

Date: 2008-04-17 02:12 am (UTC)
ext_24913: (Default)
From: [identity profile] cow.livejournal.com
Yeah, as part of the Internet Channel (or whatever it's called); it has a build of Opera + Flash.

Date: 2008-04-17 01:09 am (UTC)
ext_3294: Tux (unix)
From: [identity profile] technoshaman.livejournal.com
Gotta love that icon. Way more appropriate for serious pwnage like this than even Puffy the Blowfish.

Good luck with getting all your users updated.... I know I've a few chores ahead of me.... *sigh*

Date: 2008-04-17 03:26 am (UTC)
From: [identity profile] firni.livejournal.com
If they use it to send pr0n, then it's REALLY a "flash" exploit.

kekeke

Thanks for the warning!

Date: 2008-04-17 03:57 am (UTC)
From: [identity profile] elfs.livejournal.com
My favorite analysis of the analysis was The evidence is now overwhelming that Mark Dowd was, in fact, sent back through time to kill the mother of the person who will grow up to challenge SkyNet. (http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/)

I have actually read the 26-page exploit report published by IBM's X division. It's quite scary. Anyone with a mind that twisted should not be allowed loose on the streets.

Date: 2008-04-17 01:45 pm (UTC)
From: [identity profile] angharads-house.livejournal.com
Indeed a most interesting paper, and one which was delightfully comprehensible to someone who stopped trying to do Comp Sci well before the dawn of time (bailed at end of Spring Session 1977, holy cow, long time passing by).

Wish I had the dosh to sponsor an X-Prize for the development of a robust, secure, solar-rechargeable, portable personal satcomm unit -- an ansible without (sigh) quite the zero latency expected of ansibles.

Also wish I lived on Mars. But wait, we do, sort of....

Now have that part of IBM webspace bookmarked for future reference. Once again, yayness upon them.

Angharad
red-hat, as evidenced by intel photos from China, summer 2007

September 2025

S M T W T F S
 123456
789101112 13
14151617 18 1920
21 222324252627
282930    

Most Popular Tags