Wednesday, May 28, 2008

Watch your ass - Adobe Flash zero-day attack in the wild

This is pretty scary since Adobe Flash is as popular as the Internet:
Security researchers have found evidence of a previously unknown Adobe Flash vulnerability being exploited in the wild. The zero-day flaw has been added to the Chinese version of the MPack exploit kit and there are signs that the exploits are being injected into third-party sites to redirect targets to malware-laden servers. From the article: 'Continued investigation reveals this issue is fairly widespread. Malicious code is being injected into other third-party domains (approximately 20,000 web pages) most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.'
Fortunately, the better hackers are always on our side:
However, if you want maximum protection, it’s a good time to check NoScript Options|Plugins|Apply these restrictions to trusted sites as well.

This option turns NoScript into an effective security-oriented replacement of the FlashBlock extension, working also with Java, Silverlight and other potentially vulnerable plugins such as QuickTime.

All the active embedded content pieces, no matter where they come from, will be blocked preemptively and you will be able to load them selectively by clicking on visual placeholders.
For those who have been living under a rock for the last several years, NoScript is an add-on for Mozilla Firefox (which is a better browser than Microsoft Internet Explorer in terms of functionality, performance, and security). Its whitelist-based, pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not yet known!) with no loss of functionality.

I, for one, strongly recommend a whitelist-based approach to security problems.
