Serious Flashplayer bug/exploit - patch right now!

[solarbird]

If you are unaware of this recently published Adobe Flash Player exploit, you need to update your version of the player in all browsers on all operating systems now. Here is Adobe's support bulletin, which includes instructions on how. This is not just a Windows exploit, or an Internet Explorer exploit; it exists in all versions of Flashplayer and allows execution of arbitrary code. So far, only demonstration code is known to exist, so you have a window of opportunity to get your systems patched before Russian mobsters are p0wning your box.

If you don't know whether you have Flash player installed, you almost certainly do. If you've ever been to Homestar Runner to read Strongbad Email, for example, and seen anything at all, you have Flash player.

Comments

[darkphoenixrisn.livejournal.com]

Thanks for letting me know. I just updated.

[maellenkleth]

dank u vell, mevrou!

eta: oh heh? would it be okay to borrow that snaggle-tooted icon?

[cow.livejournal.com]

This'll be bonus fun on things like the Wii...

[technoshaman.livejournal.com]

Gotta love that icon. Way more appropriate for serious pwnage like this than even Puffy the Blowfish.

Good luck with getting all your users updated.... I know I've a few chores ahead of me.... *sigh*

[firni.livejournal.com]

If they use it to send pr0n, then it's REALLY a "flash" exploit.

kekeke

Thanks for the warning!

[elfs.livejournal.com]

My favorite analysis of the analysis was The evidence is now overwhelming that Mark Dowd was, in fact, sent back through time to kill the mother of the person who will grow up to challenge SkyNet. (http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/)

I have actually read the 26-page exploit report published by IBM's X division. It's quite scary. Anyone with a mind that twisted should not be allowed loose on the streets.