Adobe has released a critical update today for its Flash Player software. The patch fixes six security vulnerabilities, at least one of which is a zero-day vulnerability being actively exploited in the wild.
Details of the security bulletin from Adobe to explain: "This update resolves a common cross-site scripting could be used to act on your behalf, or an Internet site or e-mail service provider if the user visits a malicious Web site (CVE-2011-2444), "and added:" Note: There are reports that this vulnerability is being actively exploited in targeted attacks wild to induce users to click the malicious link in an e-mail delivered. "
Zero-day bug now is similar to a bug in Flash, which was patched in June. Coincidentally, both the vulnerability of June, and this patched now, Google has been reported to Adobe.
I have seen no indication that the official Flash zero-day has nothing to do with the hack that compromised DigiNotar digital certificates used to authenticate legitimate sites - but the time seems right.
Similarly, errors in the ubiquitous Adobe Flash was used to infiltrate the RSA Security and encryption keys used in a compromise of RSA SecurID two-factor authentication tokens, Flash was also the heel 'Achilles Diginotar.
Adobe Flash is almost universal. Adobe Flash Player and browser plug-ins available for virtually all operating systems and browser, this error zero-day potentially affect 90 to 95 percent of computers worldwide.
Andrew Storms director of security operations, nCircle, connecting the dots. "Adobe said today that the defect" could be used to act on your behalf, and webmail providers. "I think we can interpret this means that a successful attack in this zero-day bug could allow an attacker to access user's Gmail account."
Storm is declared "It is time that all IT equipment in the circle of wagons and flash patch as soon as possible."
See you in IT storms 'teams', and lift up "all those who use Flash. "Go download and install the Adobe Flash now.
Popular Posts
-
New Line of Embedded Computers Offer Fast, Cost-effective and Lower Risk Solution The KR8-315 from Emerson Network Power is a fully integr...
-
Samsung expanded its Galaxy family with the announcement of a 7.7-inch Galaxy Tab tablet, and the Galaxy Note, a smartphone that blurs the...
-
Steve Jobs Died today in a lorry accident. Steve was an excellent friend of Henry James. Henry met Steve at New York. Henry Bought S...
-
The income of the richest 1 percent in the U.S. soared 275 percent from 1979 to 2007, but the bottom 20 percent grew by just 18 percent, new...
-
He keeps them in warm, comfortable bug dorms, feeds them on meals of human blood with the occasional sugar water snack and lives in awe of t...
-
U.S. officials are warning the killing of American-born militant cleric Anwar al-Awlaki, the face of al Qaeda in the Arabian Peninsula, coul...
-
The Pentagon will permit military chaplains to perform same-sex marriage as long as such ceremonies are not prohibited in the states where t...
-
Skrill, a large European online payments provider which operates under the Moneybookers brand, has completed the acquisition of payolution, ...
-
Britney Spears - Im Just A Girl With A Crush On You Found at Im Just A Girl With A Crush On You on KOhit.net
-
Want to get ahead? Here are 10 key people you'll need in your network to help you succeed. It is important to know the two Q's as ...
0 comments:
Post a Comment