paularoid
07-22-2007, 02:03 AM
This just in (actually a few days ago) from F-Secure. Go to the link at the very bottom of this thing and click on it to take you to the original blog entry. It's got some links in it that'll take you right to the places you need to go for info and patches.
-----
Patch your Flash Player and Java Runtime Environment *NOW*
F-Secure Antivirus Research Weblog
Jul 17 (5 days ago)
Adobe and Sun have released patches today for several critical
vulnerabilities that affect their respective Flash Player and Java Runtime Environment. Many of these vulnerabilities can be exploited to execute arbitrary code on victims' computers just by making them access a malicious URL using any application that invokes Flash Player or JRE. In English, this means that you can get hacked just by viewing a web page that contains malicious Flash or Java content.
Many of the vulnerabilities are cross-platform, and between them, they have most OS-browser combinations covered. You are vulnerable until you install the patches. Read the advisories from the vendors and grab the patches.
There are no reported in-the-wild exploits yet, but we might see some soon as enough technical information required to build an exploit has been released publicly for at least a few of these vulnerabilities.
On 13/07/07 At 09:59 PM
__________________________________________________ _______________
Article:
* http://www.f-secure.com/weblog/#00001231
-----
Patch your Flash Player and Java Runtime Environment *NOW*
F-Secure Antivirus Research Weblog
Jul 17 (5 days ago)
Adobe and Sun have released patches today for several critical
vulnerabilities that affect their respective Flash Player and Java Runtime Environment. Many of these vulnerabilities can be exploited to execute arbitrary code on victims' computers just by making them access a malicious URL using any application that invokes Flash Player or JRE. In English, this means that you can get hacked just by viewing a web page that contains malicious Flash or Java content.
Many of the vulnerabilities are cross-platform, and between them, they have most OS-browser combinations covered. You are vulnerable until you install the patches. Read the advisories from the vendors and grab the patches.
There are no reported in-the-wild exploits yet, but we might see some soon as enough technical information required to build an exploit has been released publicly for at least a few of these vulnerabilities.
On 13/07/07 At 09:59 PM
__________________________________________________ _______________
Article:
* http://www.f-secure.com/weblog/#00001231