[vietnameseblindtechinfo] Fw: [acb-l] Microsoft Warns of Flash Vulnerability

  • From: "Vy Pham" <thaovyngu@xxxxxxxxxxx>
  • To: "vietnamese blind technology" <vietnameseblindtechinfo@xxxxxxxxxxxxx>
  • Date: Fri, 11 Nov 2005 21:13:30 -0500


----- Original Message ----- From: " Christopher McMillan" <chrismmcmillan@xxxxxxxxx>
To: <acb-l@xxxxxxx>
Sent: Friday, November 11, 2005 4:33 PM
Subject: [acb-l] Microsoft Warns of Flash Vulnerability


Microsoft Warns of Flash Vulnerability

By Nate Mook, BetaNews

November 11, 2005, 10:59 AM

Microsoft this week notified customers regarding vulnerabilities in
Macromedia Flash, the first time the company has ever issued a security
advisory for a third party product. Redmond officials say the step was taken
because Flash ships with Windows XP SP1 and SP2, along with older Windows
versions.

The advisory comes two days after Macromedia warned of the "critical"
problem, which affects certain versions of Flash Player 7 and earlier.
According to the company, the vulnerability could allow a hacker to inject
code that the player would then execute, resulting in the compromising of a
user's system.

The flaw was originally discovered by eEye Digital Security in June, but
Macromedia waited until Flash Player 8 was ready to offer a fix. Users are
instructed to upgrade to version 8, or download a patch for Flash 7 if they
do not meet the system requirements for the most recent release.

Microsoft has instructed Windows users to, "follow the guidance documented
in Macromedia's Security Bulletin." However, the company has offered a few
of its own solutions to remedy the problem, including disabling the Flash
Active X control and even uninstalling the software altogether.

"If customers are not using Macromedia Flash Player on their system, or
customers do not need Macromedia Flash Player, they can disable the ActiveX
control in Internet Explorer to help protect against these vulnerabilities,"
Microsoft says in the advisory.

Macromedia has not said why it sat on the problem for so long, but notes in
its own security bulletin that, "When Macromedia becomes aware of a security
issue that we believe significantly affects our products or customers, we
will notify customers when appropriate.

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.12.8/166 - Release Date: 11/10/2005



************************************************************
* ACB-L is maintained and brought to you as a service      *
* of the American Council of the Blind.                    *
--
To unsubscribe, e-mail: acb-l-unsubscribe@xxxxxxx
For additional commands, e-mail: acb-l-help@xxxxxxx



Other related posts:

  • » [vietnameseblindtechinfo] Fw: [acb-l] Microsoft Warns of Flash Vulnerability
  1. Home
  2. vietnameseblindtechinfo
  3. Archive
  4. 11-2005