Main Area and Open Discussion > Living Room

New Adobe Flash Player Security Exploit Reported Today (tuesday may 27)

<< < (2/3) > >>

Gothi[c]:
I have used noscript for a long time, to block flash and java. It's handy because you can whitelist sites or allow stuff on the fly. I only use it on my own computer now anymore though, because too many times my wife would not understand why sites did not function correctly. Even though she knew to click allow on the noscript button, sometimes you have to allow multiple sources etc... I imagine it can be a bit confusing for people that aren't much into computers.

Ehtyar:
Ehtyar: thanks for that word of warning, if it's not been fixed, that basically means FlashBlock is useless.
...
Is the exploit that's now in the wild based on the NULL pointer exploit? Pretty nasty stuff.
-f0dder (May 27, 2008, 05:58 PM)
--- End quote ---
And thank you for the technical info f0dder. Very interesting, not to mention fear-instilling.

Ehtyar.

f0dder:
I'm not sure if that's the exploit that's been used, but if so - then it's relatively old. No telling how long it's been silently exploited by 0-day blackhats before it reached the wild, though... banner ads are scary. One compromised banner ad server, and even the cleanest sites on the net can get you infected.

Lashiec:
*sigh*, the never ending story with Flash. And they want people to disable ad blocking...

I wonder if Opera's FlashBlock also suffers from the same problem as its Firefox counterpart. Perhaps it's time to disable plugins EVERYWHERE... except in YouTube, of course :D

PhilB66:
Adobe confirms the exploit @ Adobe Product Security Incident Response Team (PSIRT).

Navigation

[0] Message Index

[#] Next page

[*] Previous page