There's been found a vulnerability related to SWF file handling in Adobe Flash Player. At the moment of writing this there's no detailed information of the found vulnerability available. Fixing update isn't available yet so vulnerable are all current Adobe Flash Player versions (9.0.124.0 and older).
Symantec has observed that this issue is being actively exploited in the wild. Malicious code is being injected into other third-party domains (approximately 20,000 web pages), most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.
More information:
Report of the found vulnerability
Adobe's Blog
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment