Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Adobe Flash Player Update Available

There is an Adobe Flash Player available to address a security issue. The bulletin shows as being released February 24, 2008, however, my system didn't show an alert for it until this week. Details here:

Flash Player update available to address security vulnerabilities  Vulnerability identifier: APSB09-01

The reason I flag it is there are worms going around hitting the social networking sites and one of them tells you that Flash Player is out of date and needs to be updated. It's a new variant of Koobface (Worm_Koobface.AZ) and it spreads by you receiving a link about a new movie from a friend. When you go to click on the movie, it tells you that you need to update Flash and, of course, the executable you download is not an update to Flash but malware. It's a straight-forward social engineering attack but it is effective.

Given that, the best bet is to go directly to www.adobe.com and update Flash Player from that site directly. If you get a different notice saying Flash needs to be updated, you know it's bogus.

 

Comments

Posted by Jack Corbett on 6 March 2009

Wish I'd have read this before I updated Flash this morning.  I'll have to double-check my laptop now.

Posted by Anonymous on 6 March 2009

Pingback from  SQL Server Central | Software OEM Discount

Leave a Comment

Please register or log in to leave a comment.