Adobe flaw leads to Trojan attack

Why adobe flash is not good app platform!!!! Attractive things will always have danger within!!!!!!
Adobe is suffering from a two-fer of security flaws at present, with researchers revealing an attack which utilises both Acrobat Reader and Flash Player to infect targeted PCs with a Trojan horse.
According to an article over on CNet, the vulnerability exists in Adobe Reader 9.1.2 and Adobe Flash Player 9 and 10 and has been around since at least December 2008 – although it's only within the last two weeks that security researchers have evidence of it being exploited in the wild.
The attack relies on the target opening a specially crafted SWF file, either as part of a web page or an e-mail, or opening a PDF file containing an embedded SWF. Once opened, the flaw is triggered and 'dropper' code executed which installs the malware – in the case of the current exploit, a Trojan horse package.
also read :
http://www.bit-tech.net/news/bits/2009/07/26/adobe-flaw-leads-to-trojan-attack/1
http://www.pcworld.com/businesscenter/article/169058/adobe_flash_flaw_exploited_in_web_sites_researcher_warns.html
http://www.usatoday.com/tech/news/computersecurity/2009-07-26-adobe-hackers_N.htm
http://blogs.zdnet.com/security/?p=3792
http://blogs.zdnet.com/security/?p=3773

0 replies: