Hack and spam, it seems, a popular work in an effort to look for weak points in various applications. It seems that recently discovered used to try to use one of Adobe Flash unpatched vulnerabilities. According to one post yesterday at McAfee AVERT Labs, the security company has received a number of samples, which many different sources of spam domains.
McAfee have samples of these allegations very seriously and began investigations in this matter. It seems that when browsing the site, which serves the spirit of SWF McAfee found a link leading to mass recently reported hacks. As in early May reported attacks infected sites, reference external script, which for this new Adobe Flash-related vulnerability appears to be an SWF file. Perhaps this SWF files leads to a similar name WIN% 209,0124,0 i.swf (WIN 9,0124,0 i.swf). The file is now offline.
McAfee is unable to confirm that the last SWF file is an attempt to use the above-mentioned Adobe Flash vulnerability, but Symantec, referred to the same domain, which will serve older use. In addition to the opening of Symantec, without giving any other domain and 2 spirit is called WIN% 206,0,79,0 ff.swf (WIN 6,0,79,0 ff.swf) and win% 206,0,79, ie 0 . swf (WIN 6,0,79,0 ie.swf), also offline.
McAfee draws three conclusions from all of the above files. It seems that a different spirit are built for different versions of Adobe Flash, which is 9.0.124.0 and 6.0.79.0, which are quite old. Version operational suspected to be either available or under development and is expected to focus on other operating systems in addition to Microsoft Windows. The conclusion is that uses specially designed for the two most frequently used applications browsing the Internet, namely Internet Explorer and Firefox.
Currently, there are no more details are available for this vulnerability, but McAfee promises to provide consumers with more details as the investigation moves along.
0 comments:
Post a Comment