4 Replies Latest reply on Jul 31, 2009 11:13 PM by acebrian

    Adobe Flash - New SWF exploit attacks in-the-wild

      :eek: So far, only a handful of sites have been discovered, but there's a potential for these new SWF exploits to spread further. Keep AV protection updated and avoid all suspicious attachments (PDFs in this case) and avoid usual websites as well.

      New attacks exploit vuln in (fully-patched) Adobe Flash
      http://www.theregister.co.uk/2009/07/22/adobe_flash_attacks_go_wild/

      QUOTE: Although the exploit can be triggered using malicious PDF files opened by Adobe's Reader application, a more common technique uses a 1.1 kilobyte Adobe Flash file to target the vulnerability, says Paul Royal, principal researcher for Purewire, a company that protects web users against malicious sites. At the moment, the number of attacks is small, but that's likely to change.

      "So far, I've seen just a handful of websites offering this zero-day exploit, although the number will obviously increase the minute that a public proof of concept version of the weaponized vulnerability gets published," Royal tells The Register. "Once this thing hits Milw0rm you'll see thousands of sites."

      Adding to the urgency, none of the major anti-virus engines were detecting the poisoned SWF files at time of writing. What's more, some of the sites serving the malicious, one-frame movie are legitimate websites that have been compromised, making it difficult for people to protect themselves against the attack.