May 29, 2008
Adobe has been investigating an active Zero-Day exploit of the Adobe Flash Player (see Adobe's PSIRT blog for details). According to the SANS Internet Storm Center, compromised web sites are hosting maliciously crafted Adobe Flash files (SWF files) that exploit the vulnerability. Getting exploited may result in your user desktop becoming a 'bot, getting a root-kit, or worse (ransom-ware). Apparently,
Due to the significant use of Adobe Flash in many academic and research pursuits, Case users are strongly encouraged to immediately update to the latest version of Adobe Flash, v. 126.96.36.199.
For Mac users, the Apple Security Update 2008-03, released May 28, 2008, includes this update. Running the Software Update from the System Preferences panel will address this vulnerability, along with a number of other fixes that have been bundled into this software udpate.
Overall protection of the browser is the high-level recommendation to prevent the casual compromise of a user workstation due to web browsing. The SANS Institute recommends some simple configuration fixes that would prevent such an exploit:
* In Firefox, you can use either of the following add-ons, NoScript (one of our favorites, found here or here) or FlashBlock (here or here).
* In IE, see here for how to set the "killbit", the CLSID is BD96C556-65A3-11D0-983A-00C04FC29E36.
The US-CERT provides some great guidelines for Browser Security which Case recommends for all users.
Posted by Thomas Siu at 08:49 AM