Hackers exploit unpatched Adobe Flash bug

A vulnerability in Adobe's Flash player may affect as many 92% of all Windows PC users
Hackers exploit unpatched Adobe Flash bug
Adobe is not due to release a patch for the vulnerability until Thursday.
By Mark Sutton
Tue 28 Jul 2009 10:00 AM

Ninety-two percent of all Windows users are vulnerable to a bug in Adobe’s Flash player, that can allow hackers to launch ‘drive-by’ attacks from infected websites, according to a Danish security company.

The critical bug, which effects Adobe’s Flash Player, Acrobat and Reader applications, apparently came to light at the end of last year, although attacks that exploit the vulnerability have only recently been seen ‘in the wild’.

Initial attacks used the bug in Flash to insert a malicious PDF onto a users PC. In some cases this has resulted in the user’s system locking up, with malicious code then executed on the computer, although the purpose of this is unknown.

The exploit has been detected on thousands of malicious or compromised websites, according to anti-virus vendors.

Acrobat and Reader are also vulnerable to the exploit as they include a function to handle Flash content embedded in PDF files

Adobe has said that it will release patches to solve the problem, with a Flash patch due on 30th July 30, and fixes for Reader and Acrobat one day later.

In the meantime, Adobe is advising users to delete or disable the vulnerable component in the application. For further instructions see the security advisory.

Secunia reported the vulnerable Flash Player 10 on the PCs of 92% of its 900,000 users, with version 9, which is also vulnerable on a 31% of all PCs. Abode Acrobat 9.1.2 was present on 2% of machines and Adobe Reader 9.1.2 was found on 48%.

For all the latest tech news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.

Subscribe to our Newsletter

Subscribe to Arabian Business' newsletter to receive the latest breaking news and business stories in Dubai,the UAE and the GCC straight to your inbox.