Patch Your Adobe Flash Please

Yes, once again - it's time to fix things.  There is a new exploit out that is using Adobe Flash.  Unless you've totally locked down your machine and never look at anything but text - it's a no brainer certainty you've got Flash installed somewhere.

Regardless, tens of thousands of websites beginning Saturday have been compromised with SQL injections so they can serve as launching pads for the exploit.

I'm thinking there are lots of people running older versions. I'm probably one of them and I'll need to patch it. I nearly missed this announcement since I've been so busy. (even when you're looking out for this crap it's difficult to keep up)

Roughly half of users are patched with latest version of Flash, 9.0.124. Richard said it is possible for users who leverage more than one browser to be running different versions of the software.

“It does require a little more diligence than just checking, say, the version you got installed with IE (Internet Explorer),” he said.

Users are infected when they visit a compromised website, which automatically opens a hidden IFRAME. According to McAfee, a Google search yields about 250,000 page results that contain malicious scripts referencing an SWF (Shockwave Flash) file.

Oh joy...

Go here to patch 'em up peeps.

Posted by: Teresa in WebTech at 09:32 AM | Comments (4) | Add Comment
Post contains 218 words, total size 2 kb.