Flash Player Critical Vulnerability Exploited in IE for Windows Only

A critical security flaw that has been affecting Adobe's Flash Player application now has an update from the software company towards remedying the problem. Actually the flaw had been enabling hackers to exploit it so users could be deceived into taking down malware while browsing in IE (Internet Explorer) that too was getting impacted. Redorbit.com published this on May 6, 2012.

Adobe stated that the flaw was reportedly being abused through personalized assaults that aimed at deceiving end-users into opening one malicious file downloadable from certain e-mail. The attack capitalized on Flash Player active in IE for computers running solely Windows OS.

Being most persuasive, the attack was potentially destructive in that the forwarded string was impersonated and tailored for each e-mail and its recipient. The string consisted of names/e-mail ids belonging to people holding top-ranking positions in their organizations, thereby giving the electronic mails an appearance of legitimacy and also making them supposedly summon urgent action. Web-links too were provided within the e-mails that led onto PDF files consisting of the latest directions on the security fix's usability along with an .exe file that Adobe said was a Trojan.

The company further said that PDF files today innately posed more risk compared to executables since the former made end-users falsely believe they were viewing a document having text. Thus, the end-users might be reading the document's content, while actually the attack worked in the background.

Adobe's security advisory also informed that the update to fix the vulnerability was obtainable for versions 11.2.202.233 and older of Flash Player running in Linux, Macintosh, Windows as also versions 11.1.115.7 and older of Flash Player running in Android 4.x, along with just Flash Player ver.11.1.111.8.

The update, which was released on May 4, 2012, happened to be the 4th one for Flash Player from Adobe in 2012. During March 2012, Adobe dealt with the problem for Windows OS if not others via making available Flash Player 11.2 that updates quietly without drawing notice. Apparently, this update triggers off occasionally for mechanically and silently patching plug-ins within Firefox, Internet Explorer, Opera and Safari running within Windows OS.

Related article: Flaws Detected in Yahoo Music Jukebox

» SPAMfighter News - 5/11/2012