05/28/2008, 11:10am, EDT
Wednesday, May 28th
Symantec: Flash exploit in widespread use
Hundreds of thousands of webpages have been affected by a vulnerability in Adobe's Flash Player, says security vendor Symantec. Since at least Monday, approximately 220,000 pages have been been hacked to add redirection scripts, which send Flash users to some 57 servers that attempt to deliver malware, including botnet code and apps that steal World of WarCraft identities and passwords. Only Flash Player versions 9.0.124.0 and 9.0.115.0 appear to be at risk; the attack also seems to be directed primarily at Windows, says Symantec, although problems may yet arise on other operating systems (including Mac OS X) unless Adobe can close the exploit.
Sites victimized by the redirection scripts are generally said to be those belonging to small towns, businesses and non-profit organizations, which may have been chosen through a tool that uses Google to trawl for pages with security holes. If an attack fails, Symantec notes that it may still crash a user's browser.
Adobe has yet to confirm or deny the security issue. "We are working with Symantec to investigate the potential SWF vulnerability," an official statement reads, "and will have an update once we get more information."
Filed under: security, gaming, software, Graphics/Web Design
Other story tags: Windows, Adobe, Flash, Symantec
,
, 7
,
,
,
,
,

subscribe to comments
for this article
MacNN
you might want to get an updated Flash Player Icon
That one has not been in use for over a year now
No Flash for me
I don't like Flash at all. Flash is nothing but a tool for advertisers.
Great!
Another reason to hate Flash web sites!
Flashblock
Well, I use Firefox with the Flashblock extension anyway. It saves a lot of headache when I surf.
I Wonder
If the old Macromedia garb people are chuckling now
Flash exploit
Isn't that a bit redundant?
harshing on flash
I like Flash, but it's overused and improperly used by bad designers.