View Full Version : critical vulnerability in Flash Player 10.2.153.1
dinamic1
April 12th, 2011, 06:39 PM
critical vulnerability in Flash Player 10.2.153.1
there are already reports that the vulnerability is being exploited using crafted .swf files embedded in Microsoft Word .doc files which are sent as an email attachment. The vulnerability can, when exploited appropriately, allow an attacker to take control of a system.
http://www.adobe.com/support/security/advisories/apsa11-02.html
leviathan8
April 12th, 2011, 06:59 PM
To my consideration, this does not really represent a great danger for us, but if you do feel unsafe, you can use the add-on FlashAid (developed by LovingLinux) and this will update flash player to version 10,3,180,42.
_outlawed_
April 12th, 2011, 06:59 PM
The only "victims" of these exploits are people who are dumb enough to open attachments from people they don't know or trust.
3Miro
April 12th, 2011, 07:01 PM
AFAIK flash only works in a Linux browser, i.e. opening Open Office documents will be fine.
In a browser, always install and use Flash block. Firefox and Chromium have it, apparently it can be done on some other browsers too.
I allow flash only on sited that I "trust".
Frogs Hair
April 12th, 2011, 08:35 PM
This occurs quite often , so I expect an update soon for Ubuntu and of course I will have to check for myself on Windows.
Enigmapond
April 12th, 2011, 08:38 PM
To my consideration, this does not really represent a great danger for us, but if you do feel unsafe, you can use the add-on FlashAid (developed by LovingLinux) and this will update flash player to version 10,3,180,42.
+100
This add-on is great and fixed a number of issues. I highly recommend it. Just run the script and it will effect system-wide.
lovinglinux
April 12th, 2011, 10:44 PM
+100
This add-on is great and fixed a number of issues. I highly recommend it. Just run the script and it will effect system-wide.
:popcorn:
Thanks.
BTW, I am wondering recently which flash version doesn't have a critical vulnerability?
ukripper
April 13th, 2011, 04:34 PM
you can use noscript whilst visiting untrusted sites - https://addons.mozilla.org/en-US/firefox/addon/noscript/
fuduntu
April 13th, 2011, 04:53 PM
The only "victims" of these exploits are people who are dumb enough to open attachments from people they don't know or trust.
The flash vulnerability includes all OSs, MacOS Windows and Linux. With exploitation it is possible to take control of a system.
Currently only a Windows exploit is circulating, but don't assume that Linux users with (this version of) flash aren't vulnerable because they are.
This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment, targeting the Windows platform. At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.
Don't make assumptions.
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.