SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
Home Tags Articles Editorials Forums Scripts Videos Blogs QotD Books Ask SSC SQL Jobs Training Authors About us Contact us Newsletters Advertise Write for us


 

K. Brian Kelley - Databases, Infrastructure, and Security

Add to Technorati Favorites Add to Google
Author Bio
Brian is a SQL Server author, columnist, and Microsoft MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress) and Professional SQL Server 2008 Administration (Wrox). Brian currently serves as a database administrator / architect for AgFirst Farm Credit Bank where he can concentrate on his passion: SQL Server. He previously was a systems and security architect for AgFirst Farm Credit Bank where he worked on Active Directory, Windows security, VMware, and Citrix. In the technical community, Brian is president of the Midlands PASS Chapter, an official chapter of PASS. Brian is also a junior high youth minister at Spears Creek Baptist Church in Elgin, SC.
Author's SSC Profile
View this Author's Articles
 

Adobe Flash Player Update Available

By K. Brian Kelley in K. Brian Kelley - Databases, Infrastructure, and Security | 03-06-2009 9:15 AM | Categories: Filed under: ,
Rating: (not yet rated) |  Discuss | 2,768 Reads | 24 Reads in Last 30 Days |2 comment(s)

There is an Adobe Flash Player available to address a security issue. The bulletin shows as being released February 24, 2008, however, my system didn't show an alert for it until this week. Details here:

Flash Player update available to address security vulnerabilities  Vulnerability identifier: APSB09-01

The reason I flag it is there are worms going around hitting the social networking sites and one of them tells you that Flash Player is out of date and needs to be updated. It's a new variant of Koobface (Worm_Koobface.AZ) and it spreads by you receiving a link about a new movie from a friend. When you go to click on the movie, it tells you that you need to update Flash and, of course, the executable you download is not an update to Flash but malware. It's a straight-forward social engineering attack but it is effective.

Given that, the best bet is to go directly to www.adobe.com and update Flash Player from that site directly. If you get a different notice saying Flash needs to be updated, you know it's bogus.

 

Comments
 

Jack Corbett said:

Wish I'd have read this before I updated Flash this morning.  I'll have to double-check my laptop now.

March 6, 2009 9:02 AM
 

SQL Server Central | Software OEM Discount said:

Pingback from  SQL Server Central | Software OEM Discount

March 6, 2009 9:32 PM
Leave a Comment
Only members of SQLServerCentral may leave comments. Register now for your free account or Sign-In if you are already a member.
 
 
Copyright © 2002-2010 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use