A Flash player vulnerability is being actively exploited and Adobe is scurrying to track down the issue.
According to Secunia, the problem is fairly widespread. Malicious code is being injected into thousands of sites, most likely through SQL-injection attacks. The code redirects users to sites hosting malicious Flash files exploiting this issue which affects Adobe Flash Player 9.0.124.0 and 9.0.115.0.
Given the vast majority of people have the Flash plugin, there’s going to be a lot of folks affected if Adobe doesn’t get it sorted soon and no doubt the spyware/malware/anti-virus companies are going to do a roaring trade. All you can really do in the meantime is ensure your virus scanner is up to date and run anti-spyware software.
What is a zero day exploit?
It’s where malware is written for a flaw on the same day that the vulnerability becomes known; and usually before the vendor. In the past, flaws would be found and it would take some time before an exploit would hit the street, or “in the wild”.
Related:
Learn more about spyware and malware
No comments yet.
Sorry, the comment form is closed at this time.