Flash Get Nailed with Major Exploit as Xoom Gets Funtionality

posted Sunday Mar 20, 2011 by Nicholas DiMeo

At a time where the Motorola Xoom would finally be getting Flash functionality, Adobe has released a security advisory about a major flaw discovered in its Flash Player. This exploit affects Flash Player for Windows, Mac OS X, Linux, Solaris and Android and the authplay.dll file found in Acrobat and Reader X.

This flaw could potentially crash a computer that it infects or let the hacker take control of the system. Adobe has reported that the exploit is being used all over the world at this time in SWF Flash files and in Excel spreadsheets with Flash attached. So far, Acrobat and Reader X has not been affected and Adobe reports that using Protected Mode in Reader X would stop the exploit from loading.

For more on this and what to expect for a fix, hit the break.

As of now, Adobe is working hard on a fix to the exploit and an update for Flash Player, Acrobat and Reader will be released within the next week. Because of the Protected Mode in Reader X, however, Adobe will not update that software until its next scheduled update cycle.

We considered providing an out-of-cycle update for Adobe Reader X as well, which would have delayed the current patch release schedule by about another week. However, given the mitigation provided by the Adobe Reader X sandbox and the absence of attacks via PDF, we determined that an out-of-cycle update would incur unnecessary churn and patch management overhead on our users not justified by the associated risk, in particular for customers with large managed environments.

This is simply adding more fuel to the fire for Apple, who has been against adding Flash to their iPhones and iPads. However, exploits can easily be found in even the simplest of apps found in their App Store or even through text messaging.

As is with any program or website, there will always be malicious code that willattempt to be installed and there will always be exploits and vulnerabilities to discover, encounter and then fix. This is just part of the routine cycle. Either that, or everyone should switch to the new IE9 (with incentives) and experience a more beautiful web, complete with native HTML5 and H.264 support.

F5 Live: Refreshing Technology

Episode 194

Sunday Mar 20, 2011 (01:13:41)

Description

This week, AT&T bowls over the competition, 7 of 9 finishes her nerd-core dreams and Microsoft gives away free stuff for using free stuff!

The Weekly UpStream

Powered by Fractal Design

Kojima Opens 'Together Japan' to Help Earthquake Victims

To say the magnitude 8.9 earthquake in northeastern Japan has done more damage and claimed more lives than Godzilla ever could, would be an understatement. I am glad that everyone I know there and their families are safe but for many that will not be the case. Hideo Kojima, founder of the Metal Gear video game franchise has taken up the cause by starting a special website called "Together Japan" which contains illustrations, staff messages, and Twitter icons that offer comfort and support for the victims and their families. Kojima Productions will also donate 100 million yen and be initiating an employee donation fund soon that will be for victims as well.

Rumor Mill's A-Churnin' with HP TouchPad Arrival for Summer at $499

You better start calling the rumor mill employees to come on back to work and put some long overnight hours in! This week we got word from Pre Central about our beloved ~~Palm~~TouchPad that finally came to reality last month at HP-Palm's event.

Sony Continues to Turn Up the Heat on Hotz

This week there has been a further development in the Sony vs. Hotz lawsuit. It seems that Sony has been awarded further access to sensitive information following a previous round of granted subpoenas by Magistrate Joseph Spero. The previous ones gave Sony access to the Twitter and Youtube accounts of anyone who watched the PS3 Jailbreak Tutorial or followed him on Twitter, as well as everyone who visited his website since 2009.

Global Warming Solved - Sort Of

It isn't often that I have the great opportunity to announce world-changing news but today is that day. Global Warming has been solved for good and we have the United States House of Representatives to thank. In a unanimous vote, House Republicans agree that there is no such thing as global warming and that CO2 emissions have no effect on the climate. Crisis averted.

Michigan Changes the Way Cars Work

Michigan State University researchers presented a prototype propulsion system that could completely replace the internal combustion engine in vehicles. The design, called a shock wave generator, does away with the crankshafts, pistons and valves in favor of a rotating round disc with wavy grooves.

Fractal Design Breaks Into the US Market

If you were able to catch our CES 2011 coverage, you saw that we were very excited about a Swedish computer case company that was looking to emerge themselves into the American market, Fractal Design. We were able to talk to many of the important people of the company, including the founder, Hannes Wallin, who was even willing to talk on camera about his products, goals and projections for the company in 2011 (video after the break). One of those goals was to make Fractal Design products available to the US without having to order them from Canada.

Nifty Gifties

Powered by Microsoft Store

Breaking: AT&T Buys T-Mobile USA from Deutsche Telekom for $39 Billion

In the midst of the 3G/4G advertisement confusion of T-Mobile lying about their network and AT&T following suit, this news just added to the craziness surrounding the two companies. AT&T has purchased T-Mobile USA from Deutsche Telekom for $39 billion, $25b in cash and $14b in stocks and bonds. This gives DT a stake in AT&T of 8% after the dust will inevitably clear.

Extra Life

Powered by Club Shockwave

Mortal Kombat Finishes PAX and Challenges the Web With a Series

This year at PAX East 2011 Mortal Kombat made a glorious 15th-coming thanks to WB Games and Netherrealm Studios who were very pleased with the fact that the game has gone back to its roots after a few attempts at 3D versions of the franchise. To be fair the last iteration of the game was rated "T" for teen and was very mild compared to what we've come to expect. I'm happy to say that problem has been solved as special moves and fatalities are augmented more than ever by slow motion cut scenes that don't interrupt game play and take fatalities to the next level. There is also a new "tag mode" where you can switch characters back and forth similar to almost any other fighting game that's been around forever. If that wasn't awesome enough, a new web series is on the horizon that just might make up for all those terrible movies over the years.

News From the Tubes

Powered by RiffTrax

Free Stuff for Using Free Software - What Could be Better?

You know you've been curious about exactly what Hulu PLUS has to offer since we started talking about it and you know you've been wanting to try Internet Explorer 9 to see what all the hype is about. If you are willing to give both a try at once, Hulu will give you one month of its PLUS service for free.

* DRM Not Included

Powered by Sirius|XM

Microsoft Might Discontinue Zune Player but Zune Software Will Live On

Microsoft's Zune enjoyed a relatively short life since it was first introduced to us in 2006 and might be discontinued according to a Microsoft statement made to Bloomberg that there will be no future models,

Flash Get Nailed with Major Exploit as Xoom Gets Funtionality - The UpStream

F5 Live: Refreshing Technology

Episode 194

Sunday Mar 20, 2011 (01:13:41)

Email

Password