Flash Users Advised to Upgrade Vulnerability in Flash Player Discovered Sean Michael Kerner
With hundreds of millions of Macromedia Flash installations, Flash Player is one of the most successful and ubiquitous plug-ins of all time. Many millions of those users may be at risk today if they don't upgrade to the latest version.
An Adobe/Macromedia Flash vulnerability has been reported that could potentially allow an attacker to execute remote code on a user's system. All a user needs to do to get infected is view a maliciously crafted Flash file within a browser.
US-CERT has issued a Cyber Security Alert for multiple Adobe/Macromedia Flash-based products, including Flash Player version 8.0.22.0 and earlier for Windows, Mac OS X, Linux and Solaris.
Microsoft issued its own advisory on the Flash flaw earlier this week, as well. Flash player is usually included by default on a number of Microsoft Windows platforms going all the way back to Windows 98.
Flash Professional 8, Flash Basic, Flash MX 2004, Flex 1.5, Breeze Meeting Add-In 5.1 and earlier, and Adobe Macromedia Shockwave Player 10.1.0.11 and earlier were also affected.
An upgraded version of Flash that fixes the vulnerability is now available on the Macromedia site.
A December survey by NPD Online reported that Flash Player is installed on 97.7 percent of Internet-enabled PCs. Adobe Acrobat was the second-most installed plug in at 89.4 percent, followed by Java at 86.2 percent.
