Even Flash Can Get Viruses

Even Flash Can Get Viruses 277

Posted by timothy on Tuesday January 08, 2002 @06:44PM from the blesshyoo dept.

Mechel Conrad writes: "Heise Online(German) writes about a Virus called SWF/LFM-926. It consists of a Macromedia Flash movie and seems to be the first of its kind. It uses Flash's scripting language in order to open a debug terminal creating and executing a file called V.COM, which infests other .SWF Files. Although the virus is not very dangerous and not widespread yet, it suggests clear security holes in Flash." The translation of the Heise article is quite readable, too. Update: 01/08 22:47 GMT by T : bdavenport adds: "this report on Yahoo lists a new Shockwave virus as low grade due to the need of manual downloading. infoworld is reporting that McAfee has upgraded to high risk after several Fortune 500 firms have reported it in the wild, arriving as an email attachment."

Even Flash Can Get Viruses

This discussion has been archived. No new comments can be posted.

Search 277 Comments Log In/Create an Account

Comments Filter:

Let's Just Pray That We Can't Get Foot & Mouth (Score:2, Funny)

by ekrout ( 139379 ) writes: on Tuesday January 08, 2002 @06:47PM (#2806619) Journal

http://www.satirewire.com/news/0103/outlook.shtml [satirewire.com]

Build it, and they will... (Score:5, Funny)

by Ethelred Unraed ( 32954 ) writes: on Tuesday January 08, 2002 @06:48PM (#2806626) Journal

...write a virus for it.
Cheers,
Ethelred

Finally! (Score:3, Funny)

by kilrogg ( 119108 ) writes: on Tuesday January 08, 2002 @07:04PM (#2806753) Homepage

Us Linux users can enjoy a flashy virus for once. We need more cross platform stuff like this.

Re:Cross Platform? (Score:1, Funny)

by Anonymous Coward writes: on Tuesday January 08, 2002 @08:35PM (#2807171)

You guys come up more than a 1% marketshare, preferrably in corporations with fat checkbooks, and McAffee and Norton will find a way to make the viruses work :)

That vulnerability is purely theoretical... (Score:5, Funny)

by chazR ( 41002 ) writes: on Tuesday January 08, 2002 @08:36PM (#2807179) Homepage

The still-excellent l0pht [l0pht.com] once informed the world that Microsoft had a serious security problem in a product.MS responded with the famous "That vulnerability is purely theoretical.". So, l0pht released a real exploit for the vulnerability.

Apologies, it's hard to find the original links since l0pht got up in the morning, put on a suit, and became @stake [atstake.com]

Hello. Wake up. Theoretical vulnerabilites become real, nasty, exploited vulnerabilites very fast. I assume you read comp.risks?

Looks like it isn't very likely to succeed

LOOKS LIKE? It's a done deal. Somebody has exploited a widely-distribited scripting engine. The people who did it as a "proof-of-concept" have proven that the interpreter for this language is wide-open and gagging for a jolly good rogering. I wonder how many unchecked buffers there are in that code. I wonder how it handles multi-byte characters. I desperately hope it wasn't written in C.

I sit here as a smug old Unix hacker, secure in the knowledge that lisp and Smalltalk programs are unlikely to be attacked in the same way that C programs are.

I'm also sure I'm wrong.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Even Flash Can Get Viruses 277

Even Flash Can Get Viruses More Login

Even Flash Can Get Viruses

Let's Just Pray That We Can't Get Foot & Mouth (Score:2, Funny)

Build it, and they will... (Score:5, Funny)

Finally! (Score:3, Funny)

Re:Cross Platform? (Score:1, Funny)

That vulnerability is purely theoretical... (Score:5, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot