LUCYTR: A critical vulnerability has been discovered in Adobe Flash Player 10.0.45.2 and Adobe Reader/Acrobat 9.x, and could potentially be used to target World of Warcraft players and accounts. The newest available version of Adobe Flash 10.1, Release Candidate 7 (available at http://labs.adobe.com/technolAdobe reports that it has seen evidence of this vulnerability already being exploited.ogies/flashplayer10/), does not appear to contain this vulnerability, and we recommend that everyone upgrade their Flash player as soon as possible. Earlier versions of Adobe Reader and Acrobat, specifically version 8.x, do not appear to contain this vulnerability, either.
Although the technical details are still sketchy, it is likely to require a specially crafted flash or PDF file to trigger the vulnerability. We have seen this type of attack on Adobe flash before - where you can be infected by a keylogger/trojan by simply visiting a legitimate web page that renders this malicious code or redirects to a malicious site containing the code.
Unfortunately, Adobe don't seem to have this fix on their auto-update system so be sure to visit Adobe's Security Page and patch your machine with v10.1 today.
No comments:
Post a Comment