Another Flash exploit, fix 2 weeks away
- Started
- Last post
- 12 Responses
- comicsans
Who are these f**king cowboys? http://www.adobe.com/support/sec…
They say there is no known exploit, I bet there is by now or will be soon.
- ernexbcn0
niiiiiiiiiiiice
- georgesIII0
man, you just ruined my day,
I can't believe it,
what AM I SUPPOSE TO DO NOWWWWW.- switch to Mac.CyBrain
- but how can I be different if I switch to mac just to be like everyone else who switched to mac just to be different?georgesIII
- it affects the mac version of Flash player tooernexbcn
- ernexbcn0
@georgesIII you can uninstall Flash player or disable the plugin if your browser allows it, at least until Adobe releases the fix.
- georgesIII0
But what does this exploit do?
is it similar to the thousand other exploit found every year?
or should i be scared, that some hacker log into my comp and steal all god sent pron?
- ********0
Better to know about them, and have them publicised.
- ernexbcn0
"This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system"
You just need to go the wrong website and they can do whatever the fuck they want with your PC, and it's being actively exploited right now (for Windows at least).
- oooh just that,
I thought it was something seriousgeorgesIII - we all know that you don't have anything worth stealing in your PC, but thanks for reminding usernexbcn
- ahhaha ernexbcn,
you know for how many years I've heard these stories, if I got a penny everytime someone cried PATCH, I'll be rich as John CamerongeorgesIII - PATCH, I'll be rich as John CamerongeorgesIII
- some people do get fucked by these things, specially on Windows just by visiting a websiteernexbcn
- and removing some of the malware is a bitch, sometimes you need a complete reinstallernexbcn
- and some install keyloggers so they can go to your mailboxes, get credit card info, etcernexbcn
- I don't want to start a big debate here, but those are the same people who respond to spam, they kinda deserve it,georgesIII
- if your computer is setup carefully and you have installed a combo anti virus /malware detect and firewall, you should have a problem, I never had onegeorgesIII
- problem I've been lurking in the weirdest site of the net and if someone is trying to exploit you, your antivirus should detect it right awaygeorgesIII
- if you read the article from the ISC it says it will take a while before antivirus detect these thingsernexbcn
- Just a Q, are you on PC or Mac ErnexbcngeorgesIII
- Mac OS Xernexbcn
- OK, have you ever used a Pc before, like a work machine and how many time did it get infected? I'm just inquiringgeorgesIII
- sure, only had a virus in the early 90s, I've been using PCs since 1986ernexbcn
- but I'm a geek and know WTFernexbcn
- same here, you see my point is, it is not really the computer that will lead you to getting infected it is the clueless user that will be carelessgeorgesIII
- carelless no matter what OS he runs, I had this theory that the more a OS have user the more easy it is for hackers to target it.georgesIII
- I know, but when all it takes is simply clicking a link it's worth spreading the word outernexbcn
- I'm pretty sure when OSx will hit 25% users share, it will be targeted as hell too, someone always find a flawgeorgesIII
- oooh just that,
- ernexbcn0
"Keep an eye out for this one folks. It will take a bit for the anti-virus, IDS/IPS and other vendors to catch up and detect the malware that exploits the vulnerability. Although by that point the box affected may well be compromised as most detect after the exploit has already taken place. Since the vendor has released the advisory after being notified that exploits are already occurring against Windows boxes it is recommended to explore workarounds for mitigation, detection of already compromised hosts, and cleanup."
- georgesIII0
can a firewall block this,
I use zone alarm and little snitch,
can this exploit use a door without getting detected?
- ********0
If you use Linux, no viruses.
- and no Adobe CSernexbcn
- I remember a time when we would say, 'If you use Mac, no viruses.' Those were the days.Continuity
- PIZZA0
"can a firewall block this"
No, the bad shit would be inside the Flash file so it's already got past your firewall. You might be able to detect it trying to fuck up your system once you have been exploited though, but that depends on how well the trojan is programmed/if they took your precautions into account when developing it.Definitely advise running a Flash blocker for ALL Flash and then whitelist as required.