Security Labs

Alerts

BOOKMARK THIS ALERT
  digg   |     del.icio.us   |     reddit
  newsvine   |     furl   |     technorati

Mass exploitation with Adobe Flash

Date:05.29.2008

Threat Type: Malicious Web Site / Malicious Code

Websense® Security Labs™ ThreatSeeker™ technology has detected thousands of web sites infected with the recent mass JavaScript injection that exploits a vulnerability in Adobe Flash (CVE-2007-0071) to deliver its malicious payload. This attack has been previously mentioned in ISC and Adobe's blog.

This vulnerability is not a 0-day and users with the latest version of Flash Player (version 9.0.124.0) are safe. However, there are still many on older versions of Flash that are unaware of this mass web infection and are susceptible to this drive-by attack. An update to the latest version of Flash Player is highly recommended.

Websense ThreatSeeker has been tracking these malicious web sites and have discovered numerous reputable web sites that are now unwilling participants, infecting their very own visitors. These sites are from various industries such as government, education, healthcare, finance, media, and entertainment. This attack also attempts to exploit other popular vulnerabilities such as MDAC, RealPlayer, and various ActiveX controls.

Websense customers are protected from this drive-by threat.

The following are web site screenshots from: Microsoft, Dept. of Education (Australia), PBS, Durex, CDC (Centers for Disease Control and Prevention), Discovery Channel, various universities and a Pakistani district government.