[NIFL-TECHNOLOGY:2705] Major Flash security vulnerability

From: Steve Linberg (steve@silicongoblin.com)
Date: Fri Dec 20 2002 - 10:50:47 EST


According to <http://news.com.com/2100-1001-978261.html>, it appears that 
a major security hole has been found in the Flash/Shockwave player that 
could allow the execution of arbitrary code on any system.

In English, this means that if you have Flash/Shockwave installed (and 
most of us do whether we know it or not), and you go to a website that has 
a damaged/hacked movie on it, anything could happen to your PC.  It could 
crash, files could be deleted, private files or settings could be 
revealed, etc.  The usual "ultimate-horror" situation.

I don't normally call attention to security issues that aren't this major,
but this one is big.  EVERYBODY has to upgrade right away, according to
the descriptions I've read.  If you don't, your system will be vulnerable, 
and Flash/Shockwave movies are so widespread (and many play automatically, 
even in web-based ads) that you're essentially walking a minefield by 
surfing without upgrading.  This affects both Macs and PCs.

See <http://www.macromedia.com/v1/handlers/index.cfm?ID=23569> for 
Macromedia's announcement and links to downloads for updated versions.

- Steve


-- 
Steve Linberg, Chief Goblin 
Silicon Goblin Technologies 
http://silicongoblin.com 
Be kind.  Remember, everyone you meet is fighting a hard battle. 


