iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Critical Vulnerabilities In Flash
Search:
[ news_security_news ]

Critical Vulnerabilities In Flash



John Stith
Staff Writer
2006-03-15

SecurityProNews: Insider Reports Insider Reports RSS Feed


Macromedia's Flash Player has been tagged with some vulnerabilities that could allow attackers to take control of an affected system. Although an SWF must be loaded into the system for someone to take it over, mistakes are made. Macromedia recommends users to upgrade immediately.

Macromedia's parent company, Adobe recommends all users of Flash 8.0.22.0 and earlier to upgrade to the new version, 8.0.24.0. It can be downloaded from the Player Download Center.

Adobe rates this update as critical and lists all the versions of Flash affected by the current problem. They said in their security bulletin:

Critical vulnerabilities have been identified in Flash Player that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.

Affected versions of the software include:

Flash Player versions 8.0.22.0 and earlier: The version number of the Flash Player can be verified on the About Flash Player page. If you use multiple browsers perform the check and installation for each browser.

Breeze Meeting Add-In Version 5.1 and earlier: To verify the Breeze Meeting Add-In version number, enter a meeting room and select Help>About Breeze Meeting.

Shockwave Player version 10.1.0.11 and earlier: To verify the Shockwave Player version number, access the Test Shockwave Player page.

Flash Debug Player version 7.0.14.0 and earlier: To verify the Flash Player version number, access the About Flash Player page. If you use multiple browsers, perform the check, and the installation for each browser.

These vulnerabilities could be accessed through content delivered from a remote location via the user's web browser, email client, or other applications that include or reference the Flash Player. Updated versions of Flash Player 7 for Linux and Solaris, which contain fixes for these vulnerabilities, are also available from the Adobe Player Download Center.



Get all the updates - click this link:

Tag:

Add to | DiggThis| Yahoo My Web




About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds