AfterDawn: Tech news

Adobe fixes multiple flaws in Flash Player

Written by James Delahunty (Google+) @ 09 Apr 2008 23:35 User comments (4)

Adobe fixes multiple flaws in Flash Player Adobe's Flash Player is used to display graphics content on millions of websites around the world, as well as being one of the (if not "the") most used technologies to drive the Internet video revolution. As a result, it has support in a large number of browsers installed on users' machines, and so it is an attractive target for those who seek to deliver malware to your computer.
A term has even been coined to address the occurence and growth of malware being delivered to a users' PC through a flash advertisement; Malvertisement. It was a flash vulnerability that won Shane Macaulay a laptop at the PWN TO OWN convention when he successfully broke into a machine running Windows Vista.

"These vulnerabilities could be accessed through content delivered from a remote location via the user's web browser, e-mail client, or other applications that include or reference the Flash Player," Adobe wrote in its advisory, in which it classifies its patches as "critical".

Back in January of this year, Adobe and a group of related companies fixed their software to block malicious individuals from creating .SWF files that enabled cross-site scripting attacks.

Previous Next  

4 user comments

110.4.2008 6:30
susieqbbb
Inactive

another vista flaw..

If you can break into a system by using a third party app your code is the most worthless piece of garbage ever.

210.4.2008 6:42
varnull
Inactive

Good.. Adobe make pretty junk applications.

In this day and age swf is like some monstrosity from the past.. Proprietary software cobbled together, full of bugs and exploits. It was useful back in the day, but now with faster internet and better pc's it's outmoded by modern methods.

Webmasters should reject this obsolete technology and move forward with properly streamed video instead of relying on this restricted junk.

310.4.2008 9:30

Adobe needs to get their head out of you know where. Try to install Flash Player on some PC's and it won't even authenticate the installation. Also, some pages that use FLV for their main video source (YouTube, Weather Channel) error with an "swf.cab" being blocked within Internet Explorer. (Yeah I use FireFox, but IE is used by IT here at work, so I have to live with it.)

Also Adobe Reader 8 doesn't open linked file names with spaces in them (all previous versions did) causing problems with in-house software and even website browsing at times.

Adobe Acrobat 7 and 8 have TRILLIONS of installation problems. Sometimes the only way to install it on a PC is to reinstall Windows from scratch!

Adobe NEEDS to clean up their act!

411.4.2008 12:13
nobrainer
Inactive

Is this the new DRM bug i wonder, the one that stops you making your own content.

http://arstechnica.com/news.ars/post/200...gered-list.html

Originally posted by read above link:
The draconian Digital Millennium Copyright Act (DMCA) broadly prohibits circumvention of copy-protection mechanisms, and thus criminalizes the exercise of fair use rights on DRM-encumbered content. The failure of the DMCA to provide adequate exceptions and safeguards for fair use, critics say, undermines the underlying principle of the copyright system, which is to promote creativity by establishing a fair balance between the rights of content producers and content consumers. All too often, lawmakers focus on protecting the content industry and forget that the permissive elements of copyright law—like fair use and the public domain—are just as essential to fulfilling the purpose of the system.



its the same old story, DRM used to keep the gatekeeper approach to media, so that only corporations can sell their wares and block users from uploading free content they have made them selves. I think adobe are taking a leaf out of the RIAA/IFPI/MPAA's book!

This message has been edited since its posting. Latest edit was made on 11 Apr 2008 @ 12:14

Comments have been disabled for this article.

News archive