Skip to content

Adobe Flash contains an unpatchable flaw

November 13, 2009

Targeted Attacks 2009That can’t be good.  I wrote some time ago about how Adobe Acrobat Reader made up nearly 50% of targeted attacks in 2009, you can read about it here.  Now news has come out that Adobe Flash has a security flaw in it that can’t be patched!  This is not good news to say the least but, what makes it worse is that basically anybody who allows Flash to run in their browser is vulnerable…..and that would be, um…..just about everybody.

All hackers need to do to exploit this flaw in Flash is upload a malicious flash object to any site that allows users to upload content.  This includes sites such as Gmail and Hotmail.  Also pretty much any social media site, career site, dating site, many retail sites and also many Cloud applications.

Adobe is trying to educate site administrators to close the hole on their end, since Adobe is saying the flaw is unpatchable.  This is all well and good except that even some of Adobe’s web properties are vulnerable.  As Mike Murray, the chief information security officer at Foreground Security said:

How can Adobe expect others to protect themselves when they can’t do it themselves?

You can read the whole story from infoworld here, including what steps you can take to protect yourself as a web surfer.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: