Adobe Flash Zero-Day Attack Underway
Robellus writes "Security researchers have found evidence of a previously unknown Adobe Flash vulnerability being exploited in the wild. The zero-day flaw has been added to the Chinese version of the MPack exploit kit and there are signs that the exploits are being injected into third-party sites to redirect targets to malware-laden servers. From the article: 'Continued investigation reveals this issue is fairly widespread. Malicious code is being injected into other third-party domains (approximately 20,000 web pages) most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.'"
Re:SNAFU (Score:3, Interesting)
Adobe has to be the worst company ever to supply popular software for the web, and it has always been a horrid company--at least since "ATM" started destroying my PCs back in the ole Windows 3.0 days.
At one point, they had some competition from some other terribly flashy web software, but they quickly rectified that by buying the company so they could retain their title of Extreme Web Fuckups and earn the SNAFU title.
(Second use of the F was quite gratuitous, but in for a penny, in for a pound)
Re:And people (Score:3, Interesting)
I have seen it quite a few times: someone has a problem with noisy ads, someone else suggests adblock, the site admin appears, has a long sad speech about how adblockers are the worst thing ever, bans the person suggesting the use of adblock, and tells the person who has the problem with ads to deal with it or move on.
There is some pressure NOT to use such tools. And nice people do listen.
Re:Flash perpetual vulnerability (Score:1, Interesting)
Make a goodie virus (Score:1, Interesting)
That's sort of what the Welchia worm does (Score:3, Interesting)
Well it didn't take long for me to notice that my modem often showed activity even when I wasn't doing anything online. At the advice of a friend I bought the ZoneAlarm firewall.
It informed me that I was infected with the Welchia worm. What it does is apply security fixes to your Windows installation, and then it propagates itself on to other Windows hosts over the Internet!
This drove home to me the importance, when using Windows, of having a firewall that prevents connections coming from my own computer. ZoneAlarm does this.
Most firewalls just prevent attacks from outside. But if you're already infected, you want to know about network traffic originating from your own computer.
Re:And people (Score:5, Interesting)
Flash dependent sites (Score:5, Interesting)
Yes, I use them all the time, but what does that really mean? After I temporarily enable Flash/JS malware for a badly designed site which is just not viewable without them, I'm not going to get temporarily "pwned". It's already "game over".
Except for times like this, if the choice is enabling JS/Flash, or not getting information I was interested in, my thirst for information wins, all other things being equal (i.e., the URL looks like a legitimate one, etc.)
I never enable JS or Flash in order to see sites which I get to through advertisements, however.
Fucking useless (Score:1, Interesting)
This advisory is fucking useless.
"This advisory is to alert you that if you are using Adobe Flash you're pretty much fucked, oh, there is no fix currently. Have a good day"
Re:And people (Score:3, Interesting)
Re:SNAFU (Score:5, Interesting)
1. Adobe Reader 8 launches almost instantly for me after the first run, when it optimizes its launch (and I always disable the startup option). Version 6 was awful but things have changed. I do agree that it's bloated (over 200Mb) but I had problems displaying complex/CMYK docs in Foxit. YMMV.
2. Flash - use AdBlock. The technology is not at fault as flash is pretty lightweight itself. It's the advertisers who think I'll click their stupid ads if they add annoying sounds and the webmasters who think that by cramming more ads there's a better chance of me clicking on one.
3. The update agent is slow 'cause it downloads only when the connection is idle. I do agree that it's annoying for it to ask to close almost all programs when updating.
5. You do realize that camera and mic are turned off by default, don't you? You need to expressly enable them on a site-by-site basis.
So there you have it.
That's not to say that I don't hate Adobe myself for other things:
- activation is a pain in the ass, especially if you don't get the chance to deactivate the software first from the old computer and activate on the new one (happened to me after a hdd crash).
- the software is artificially segmented in some cases, e.g. Premiere and After Effects should be one piece of software, or Illustrator and InDesign (CorelDraw acts as a combination of the two).
Re:And people (Score:5, Interesting)
Re:And people (Score:3, Interesting)
The difference of course is that the image file itself is benign -- the decoders were flawed. Whereas the Flash decoder is adware BY DESIGN.
The creators of Flash, Adobe/Macromedia, deliberately resist allowing user control of Flash. Why must I go to a 3rd party to selectively block Flash? Why can't I control Flash in my browser to a very simple extent such as "Flash cannot play sound without asking permission"? Why does Adobe make Flash an "all or nothing" experience? The answer was given to me straight up by a Flash evangelist: "If you could control your experience, it would not be a good advertising platform." As floored as I was by that statement, I realized that is Flash's great selling point for many people -- here is an ad that is unavoidable and will generate a lot of attention.
I block flash with noscript, and I refuse to buy from a site that requires Flash. I certainly enjoy Flash games [handdrawngames.com] at home, but at work I've blocked flash at the firewall level for YEARS now. And I've never had one legitimate complaint of "I need flash to do this" that was work related.
Re:SNAFU (Score:3, Interesting)
Why people use flash... (Score:3, Interesting)
Underline that, set it in boldface, carve it in granite, mod parent up, the works...
I really think the main reason people use flash is because it moderately increases the difficulty of reverse-engineering an interface. Chopping up a