A recent vulnerability in the latest Adobe Flash version lead to a massive attack. More than 220000 pages on the Internet have been hacked most likely with an automated tool using a SQL injection attack. Those pages, some of well respected companies such as Nokia but also many non-profit organizations and town websites, redirect the user to websites that host the exploits for the Flash vulnerability.
If the system meets the requirements the exploit is used to download and execute trojans that steal information and droppers that download additional trojans. Information that are stolen are for example World of Warcraft account information while the droppers download files that add the computer to a botnet. (according to Trendmicro)
Most antivirus companies have already updated their software to disable the possibility that this exploit can be used on the computer the software is running on. Your best bet if you do not use antivirus software is to either disable Flash for now or use an extension like NoScript to block Flash on every domain but trusted ones.
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook or Twitter.
Related Articles:
New Information about latest Flash VulnerabilityCritical Adobe Reader And Flash Vulnerabilities Emerge
Adobe Reader Security Vulnerabilities
Mozilla Checks Flash Version After Firefox Updates
New 0-day Adobe Vulnerabilities
I recommend flashblock :) it just targets flash
I recommend Firefox with noscript, it blocks all scripts from running, not just flash.
It’s actually not one but two latest versions
Adobe Flash Player 9.0.124.0
Adobe Flash Player 9.0.115.0
http://www.securityfocus.com/bid/29386/info