
February 24th, 2009

Heads-up: Critical Adobe Flash Player patch coming

Posted by Ryan Naraine @ 1:41 pm

Categories: Adobe, Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Exploit code, Flash, Hackers, Malware, Passwords, Patch Watch, Pen testing, Responsible disclosure, Vulnerability research, Zero-day attacks

Tags: Adobe Systems Inc., Shockwave, Attacker, Macromedia Flash Player, Adobe Flash Player, iDefense, Shockwave Flash, Security, Ryan Naraine

[ UPDATE:  Here's the official alert from Adobe with information on the patch.  It covers a total of five vulnerabilities and affects Flash Player 10.0.12.36 and earlier ]

Sometime later today, Adobe will issue a patch for at least one critical vulnerability affecting its ubiquitous Flash Player. If you live in the Windows ecosystem, this is a heads-up to pay attention to Adobe’s security updates page and treat this as a high-priority issue.

According to an advisory from iDefense, the company that brokered the disclosure process, the patch will fix a Flash Player vulnerability that could allow an attacker to use rigged Shockwave Flash files to execute arbitrary code with the privileges of the current user.

From the iDefense alert:

  • During the processing of a Shockwave Flash file, a particular object can be created, along with multiple references that point to the object. The object can be destroyed and its associated references removed. However, a reference can incorrectly remain pointing to the object. The invalid object resides in uninitialized memory, which the attacker may control to gain arbitrary execution control.

To exploit this vulnerability, iDefense said a targeted user must load a malicious Shockwave Flash file created by an attacker.  This can be trivially done via social engineering techniques or injecting content into a compromised, trusted site or advertising network.

  • Utilizing various techniques, an attacker is able to re-allocate and control the memory used by the destroyed object. This allows the attacker to subvert execution when a virtual function is called via the invalid reference.
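
The lifetime bug iDefense describes (an object is destroyed, one reference to it survives, and the freed memory is then re-allocated) is the class that generation-checked handles are designed to catch. The C++ below is an added example, not code from Adobe, iDefense or the original post; `DisplayObject`, `Replacement` and `ObjectTable` are hypothetical names chosen for illustration.

```cpp
#include <cstdint>
#include <memory>
#include <utility>
#include <vector>

// Hypothetical stand-in for an object built while parsing a file.
struct DisplayObject {
    virtual ~DisplayObject() = default;
    virtual int render() const { return 1; }
};
struct Replacement : DisplayObject {           // whatever later reuses the freed slot
    int render() const override { return 2; }
};
struct Handle { uint32_t slot; uint32_t gen; }; // a "reference" that can go stale

class ObjectTable {
    struct Entry { std::unique_ptr<DisplayObject> obj; uint32_t gen = 0; };
    std::vector<Entry> entries_;
public:
    Handle create(std::unique_ptr<DisplayObject> o) {
        for (uint32_t i = 0; i < entries_.size(); ++i)
            if (!entries_[i].obj) {            // reuse a freed slot, as a heap would
                entries_[i].obj = std::move(o);
                return {i, entries_[i].gen};
            }
        entries_.emplace_back();
        entries_.back().obj = std::move(o);
        return {static_cast<uint32_t>(entries_.size() - 1), 0};
    }
    void destroy(Handle h) {                   // bump the generation on every free
        if (get(h)) { entries_[h.slot].obj.reset(); ++entries_[h.slot].gen; }
    }
    // nullptr for a destroyed object's handle, even if the slot is live again.
    DisplayObject* get(Handle h) const {
        if (h.slot >= entries_.size()) return nullptr;
        const Entry& e = entries_[h.slot];
        return (e.obj && e.gen == h.gen) ? e.obj.get() : nullptr;
    }
};

// Replays the advisory's sequence; -1 means the stale reference was rejected.
int stale_call_result() {
    ObjectTable t;
    Handle a = t.create(std::make_unique<DisplayObject>());
    Handle leftover = a;                       // the reference that is never cleared
    t.destroy(a);
    t.create(std::make_unique<Replacement>()); // freed slot is reused
    DisplayObject* p = t.get(leftover);
    return p ? p->render() : -1;               // virtual call only on a valid object
}
```

With a raw pointer in place of `Handle`, the leftover reference would alias the replacement object and the virtual call would dispatch through whatever now occupies that memory; here the generation mismatch makes the lookup fail instead.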

The flaw was confirmed in the latest version of Flash Player (9.0.124.0). Previous versions may also be affected. iDefense said it tested exploitation on Windows XP SP3 and Windows Vista SP1.

  • iDefense believe that all platforms supported by Flash Player are affected by this vulnerability, including Linux and MacOS.

Adobe was first notified of this issue last August.  The company is currently in the midst of responding to zero-day attacks against bugs in its Adobe Reader and Acrobat products.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.



  • Talkback
  • Most Recent of 3 Talkback(s)
To answer your question
If you're running 10.0.22.87, then you're fine according to Adobe. The advisory states "Adobe Flash Player 10.0.12.36 and earlier (Adobe Flash Player 10.0.15.3 and earlier for Linux)" are impacted....
Posted by: ejhonda Posted on: 02/26/09