Adobe Flash: A Critical Danger for Millions of Computers
As you may know, the majority of Internet-connected computers are equipped with Adobe Flash Player. Because of the recently discovered critical security vulnerabilities in Flash Player (9.0.159.0 and 10.0.22.87) for Windows, Mac and Linux, as well as in the authplay.dll component included in the Adobe Reader and Acrobat software, you are strongly advised to disable Flash rendering in web browsers and in other software capable of handling Flash applications. In practice, the vulnerability lies in Flash itself, and because tons of Flash files are already served in ads, games and various software applications, your computer could be one of millions of potential targets for attackers.
This security threat is critical because it allows an attacker to launch malware on your computer through remote code execution, without the need for user interaction. The worst part is the cross-platform compatibility of Flash files: the threat is not limited to one web browser or a single application. Because Flash is platform independent, all operating systems are now targets for attacks.
Symantec has already reported one type of Trojan spread through PDF files: “The authors of the exploit have managed to take a bug and turn it into a reliable exploit using a heap spray technique. Typically an attacker would entice a user to visit a malicious website or send a malicious PDF via email. Once the unsuspecting user visits the website or opens the PDF this exploit will allow further malware to be dropped onto the victim’s machine. The malicious PDF files are detected as Trojan.Pidief.G and the dropped files as Trojan Horse.”
Adobe has acknowledged that this security vulnerability exists in its software (Flash Player, Adobe Reader and Acrobat) and that it is primarily caused by Flash content: “This vulnerability (CVE-2009-1862) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows.”
A mitigation for the security vulnerability in Adobe Reader and Acrobat 9.x is to delete or rename the authplay.dll file shipped with these applications. As a consequence, when a PDF file with SWF content is opened, a non-exploitable crash or an error message will occur. Windows Vista users with UAC enabled should not have problems caused by the security issue presented in this article.
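One way to apply the rename mitigation described above on Windows, as an added example that is not from the original article or from Adobe. The install directory is passed in as a parameter because the article does not give the path, and the `.disabled` suffix is an arbitrary choice.

```powershell
# Added example: rename every authplay.dll found under an Adobe Reader/Acrobat
# 9.x install directory so that embedded SWF content can no longer be loaded.
# $InstallRoot is an assumption: supply the directory where Reader or Acrobat
# is installed on this machine. $Suffix is a hypothetical naming choice.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallRoot,
    [string]$Suffix = '.disabled'
)

if (-not (Test-Path -LiteralPath $InstallRoot -PathType Container)) {
    throw "Install directory not found: $InstallRoot"
}

# Search recursively, since the component may sit in a subdirectory.
$found = @(Get-ChildItem -LiteralPath $InstallRoot -Recurse -Filter 'authplay.dll' -File -ErrorAction SilentlyContinue)

if ($found.Count -eq 0) {
    Write-Output "No authplay.dll under $InstallRoot (already renamed or not installed)."
    return
}

foreach ($dll in $found) {
    $newName = $dll.Name + $Suffix
    $target  = Join-Path $dll.DirectoryName $newName

    # Do not overwrite the result of an earlier run.
    if (Test-Path -LiteralPath $target) {
        Write-Warning "Skipping $($dll.FullName): $newName already exists."
        continue
    }

    # ShouldProcess makes -WhatIf and -Confirm work for a dry run.
    if ($PSCmdlet.ShouldProcess($dll.FullName, "Rename to $newName")) {
        try {
            Rename-Item -LiteralPath $dll.FullName -NewName $newName -ErrorAction Stop
            Write-Output "Renamed $($dll.FullName) -> $newName"
        } catch {
            # Usual causes: the file is in use, or the shell is not elevated.
            Write-Warning "Could not rename $($dll.FullName): $($_.Exception.Message)"
        }
    }
}
```

Run it with `-WhatIf` first to list the files that would be renamed. Renaming the file back to authplay.dll reverses the change once the vendor update has been installed.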
Adobe Systems Incorporated assured all users that the Flash-related security vulnerability affecting their products will be fixed by July 30, 2009: “We are in the process of developing a fix for the issue, and expect to provide an update for Flash Player v9 and v10 for Windows, Macintosh, and Linux by July 30, 2009 (the date for Flash Player v9 and v10 for Solaris is still pending). We expect to provide an update for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh and UNIX by July 31, 2009.”
In conclusion, Flash SWF content represents a real danger for your computer, even if it is not rendered or managed through Adobe products. It is a good idea to keep your anti-virus software updated with the latest virus definitions if you still allow certain applications to play Flash files.