Monday, December 24, 2007

Cue Security Spotlight 2: Flash Vulnerability and Patch

Yep. More.

This one will be more focused:

A new hole has been found in Adobe's Flash product.

Background

This involves browsing a web-site with Flash content that is seeded with special JPG image files is processed.  Also possible is manipulation of HTTP headers.

Solution

Download and apply the latest version of Flash

Source - Easiest for most users. Download and install.

Don't Forget

You still need to remove/uninstall the older version first.

This may be a bit of a challenge as Flash doesn't by design uninstall previous versions when it installs a new version.

So you have some choices:

  1. Uninstall the Adobe Flash Player plug-in and ActiveX control first BEFORE putting the new version on your system, or
  2. Run The Secunia Software Inspector on line and let it find the outdated file.  Then go in and manually delete it from your system.

If you try technique two, you may find that despite all attempts, you will be unsuccessful in removing it due to file security settings in Windows.

If this is the case, follow my blog post Flash9c.ocx Strangeness to learn the technique on how to handle this.

One More Thing: Flash can Port Scan your System!

This patch still does not take care of the long-running Flash vulnerability that could allow someone to run a port-scan via Flash on your system.

Design flaw in AS3 socket handling allows port probing: Description and PoC of a Flash 9/AS 3 port scanner - More details here as well as a proof of concept tester.

Source code for the demonstration here.

Run the tester at the very bottom and you will see which ports it is able to find open on your system.

Not a likely exploit, but interesting, nonetheless.  And still unpatched.

--Claus

No comments: