Macromedia urges update to fix Flash flaw

By
Follow google news

Macromedia announced a vulnerability in its Flash Player 7 program earlier this month, warning users that they could leave PCs open to malicious code.

The company released the advisory on Nov. 2, months after the flaws were reported by eEye Digital Security and Sec Consult in June. In a bulletin on its website, Macromedia said the vulnerability on Flash Player versions 7.0.19.0 and earlier left PCs open to third-party hijackings.


"There was a problem with bounds validation for indexes of certain arrays in Flash Player 7 and earlier, thus leaving open the possibility that a third party could inject unauthorized code that would have been executed by Flash Player," the bulletin reads.

Macromedia recommended that users download Flash Player 8, which contains a fix for the vulnerability. Users of PCs that do not support Flash Player 8, such as Windows 95 or NT or classic Macintosh operating systems should refer to the Flash Player 7 update Technote, according to the advisory.

Steve Manzuik, product manager with eEye, said he believes many companies are not responding quickly enough to vulnerabilities.

"I think it was probably a matter of finding the right patch," he said. "In general, I think everyone is taking too long to respond," he said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

National photo licence recognition system set to go live in 2025

National photo licence recognition system set to go live in 2025

Hackers using F5 devices to target US gov networks

Hackers using F5 devices to target US gov networks

Qantas says customer data released by cyber criminals

Qantas says customer data released by cyber criminals

Austrade to replace its data centre core network

Austrade to replace its data centre core network

Log In

  |  Forgot your password?