billetbirdcage
04-11-2008, 01:37 PM
New virus alert, any internet connection to infected website (even know good trusted ones can be infected) can cause hard drive to be erased.
You should go to the download link below to make sure you have the newest version of flash, otherwise you like to get infected with mailware, trojans, bots, and/or viruses, just by visiting a website. Even good websites can be source of infection, if the server has become infected.
If you go to http://www.adobe.com/shockwave/welcome/ it will show you whatt version you have installed. This will show the version you have by pointing on the "ABOUT" button. If you don't have the version listed below, you need to go to
( http ://www.adobe.com/go/getflash ) and download the update.
---------------------------- Original Message ----------------------------
Subject: US-CERT Technical Cyber Security Alert TA08-100A -- Adobe Flash Updates for Multiple Vulnerabilities
From: "CERT Advisory" <cert-advisory@cert.org>
Date: Wed, April 9, 2008 8:36 am
To: cert-advisory@cert.org
--------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA08-100A
Adobe Flash Updates for Multiple Vulnerabilities
Original release date: April 9, 2008
Last revised: --
Source: US-CERT
Systems Affected
* Adobe Flash Player 9.0.115.0 and earlier
* Adobe Flash Player 8.0.39.0 and earlier
Overview
Adobe has released Security advisory APSB08-11 to address multiple
vulnerabilities affecting Adobe Flash. The most severe of these
vulnerabilities could allow a remote attacker to execute arbitrary
code.
I. Description
Adobe Security Advisory APSB08-011 addresses a number of
vulnerabilities affecting the Adobe Flash player. Flash player
versions 9.0.115.0 and earlier and 8.0.39.0 and earlier are affected.
Further details are available in the US-CERT Vulnerability Notes
Database.
An attacker could exploit these vulnerabilities by convincing a user
to visit a website that hosts a specially crafted SWF file. The Adobe
Flash browser plugin is available for multiple web browsers and
operating systems, any of which could be affected.
II. Impact
The impacts of these vulnerabilities vary. The most severe of these
vulnerabilities allows a remote attacker to execute arbitrary code or
conduct cross-site scripting attacks.
III. Solution
Apply Updates
Check with your operating system vendor for patches or updates. If you
get the flash player from Adobe, see the Adobe Get Flash page for
information about updates.
Restrict access
These vulnerabilities can be mitigated by disabling the Flash plugin
or by using the NoScript extension to whitelist websites that can
access the Flash plugin. For more information about securely
configuring web browsers, please see the Securing Your Web Browser
document.
IV. References
* Adobe Security Advisory APSB08-011 -
<http://www.adobe.com/support/security/bulletins/apsb08-11.html>
* Adobe Flash Player Download Center -
<http ://www.adobe.com/go/getflash>
* Understanding Flash Player 9 April 2008 Security Update
compatibility -
<http://www.adobe.com/devnet/flashplayer/articles/flash_player9_security_update.html>
* US-CERT Vulnerability Notes for Adobe Security advisory APSB08-011 -
<http://www.kb.cert.org/vuls/byid?searchview&query=APSB08-011>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
__________________________________________________ _______________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-100A.html>
__________________________________________________ _______________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA08-100A Feedback VU#347812" in the
subject. __________________________________________________ _______________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
__________________________________________________ _______________
Produced 2008 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
__________________________________________________ __________________
Revision History
April 9, 2008: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBR/zdXPRFkHkM87XOAQIR+ggAk0+t7keRs7OzyAsdG12UtFjyxhee X9Xi
Zl5UNxlnrUIAxe4eO0ySC+7TQm1MaJrBW2yWN7nbtf0pMGRfSu dG78kv2KdVqT4o
SIrFhxIW+a4g2bFh56TEhZGRitMI+Yg3P0YyDA//svYvAQTXoEnBM0I4TBEYkb5C
d2X5O6cEJHpdz6yTlox0lnQb5fkpVsqGqnzagWtBAufEA482e1 LeRiz/ehSs/SRa
iSbkadW30ZStsrRIrF1E7QRS1BF1QZ96C/5pgxl44zBb4d4+Dhjkk21S0hUjI/hm
FFKom4BrBaON+dRpsAWTDwxhM0Dib3YfskvKrdNic+lQ5ow/Mnp0Pg==
=SC0g
-----END PGP SIGNATURE-----
You should go to the download link below to make sure you have the newest version of flash, otherwise you like to get infected with mailware, trojans, bots, and/or viruses, just by visiting a website. Even good websites can be source of infection, if the server has become infected.
If you go to http://www.adobe.com/shockwave/welcome/ it will show you whatt version you have installed. This will show the version you have by pointing on the "ABOUT" button. If you don't have the version listed below, you need to go to
( http ://www.adobe.com/go/getflash ) and download the update.
---------------------------- Original Message ----------------------------
Subject: US-CERT Technical Cyber Security Alert TA08-100A -- Adobe Flash Updates for Multiple Vulnerabilities
From: "CERT Advisory" <cert-advisory@cert.org>
Date: Wed, April 9, 2008 8:36 am
To: cert-advisory@cert.org
--------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA08-100A
Adobe Flash Updates for Multiple Vulnerabilities
Original release date: April 9, 2008
Last revised: --
Source: US-CERT
Systems Affected
* Adobe Flash Player 9.0.115.0 and earlier
* Adobe Flash Player 8.0.39.0 and earlier
Overview
Adobe has released Security advisory APSB08-11 to address multiple
vulnerabilities affecting Adobe Flash. The most severe of these
vulnerabilities could allow a remote attacker to execute arbitrary
code.
I. Description
Adobe Security Advisory APSB08-011 addresses a number of
vulnerabilities affecting the Adobe Flash player. Flash player
versions 9.0.115.0 and earlier and 8.0.39.0 and earlier are affected.
Further details are available in the US-CERT Vulnerability Notes
Database.
An attacker could exploit these vulnerabilities by convincing a user
to visit a website that hosts a specially crafted SWF file. The Adobe
Flash browser plugin is available for multiple web browsers and
operating systems, any of which could be affected.
II. Impact
The impacts of these vulnerabilities vary. The most severe of these
vulnerabilities allows a remote attacker to execute arbitrary code or
conduct cross-site scripting attacks.
III. Solution
Apply Updates
Check with your operating system vendor for patches or updates. If you
get the flash player from Adobe, see the Adobe Get Flash page for
information about updates.
Restrict access
These vulnerabilities can be mitigated by disabling the Flash plugin
or by using the NoScript extension to whitelist websites that can
access the Flash plugin. For more information about securely
configuring web browsers, please see the Securing Your Web Browser
document.
IV. References
* Adobe Security Advisory APSB08-011 -
<http://www.adobe.com/support/security/bulletins/apsb08-11.html>
* Adobe Flash Player Download Center -
<http ://www.adobe.com/go/getflash>
* Understanding Flash Player 9 April 2008 Security Update
compatibility -
<http://www.adobe.com/devnet/flashplayer/articles/flash_player9_security_update.html>
* US-CERT Vulnerability Notes for Adobe Security advisory APSB08-011 -
<http://www.kb.cert.org/vuls/byid?searchview&query=APSB08-011>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
__________________________________________________ _______________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-100A.html>
__________________________________________________ _______________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA08-100A Feedback VU#347812" in the
subject. __________________________________________________ _______________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
__________________________________________________ _______________
Produced 2008 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
__________________________________________________ __________________
Revision History
April 9, 2008: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBR/zdXPRFkHkM87XOAQIR+ggAk0+t7keRs7OzyAsdG12UtFjyxhee X9Xi
Zl5UNxlnrUIAxe4eO0ySC+7TQm1MaJrBW2yWN7nbtf0pMGRfSu dG78kv2KdVqT4o
SIrFhxIW+a4g2bFh56TEhZGRitMI+Yg3P0YyDA//svYvAQTXoEnBM0I4TBEYkb5C
d2X5O6cEJHpdz6yTlox0lnQb5fkpVsqGqnzagWtBAufEA482e1 LeRiz/ehSs/SRa
iSbkadW30ZStsrRIrF1E7QRS1BF1QZ96C/5pgxl44zBb4d4+Dhjkk21S0hUjI/hm
FFKom4BrBaON+dRpsAWTDwxhM0Dib3YfskvKrdNic+lQ5ow/Mnp0Pg==
=SC0g
-----END PGP SIGNATURE-----