All clear for Flash Player: current version not vulnerable

June 2, 2008 – 6:09 AM

The reported security hole in Flash Player can now be given the all clear. The general consensus is that users of the current version are safe. For the first time ever Secunia, one of the most reliable sources of information about security issues, has even revoked its advisory about the hole in Flash Player.

Antivirus vendors have also backtracked and confirmed that the reported exploit only works in a previous version of the player. However, they intend to remain vigilant because the significance of the file named WIN%209,0,124,0ff.swf which appears on infected web pages remains unclear. This file name gave rise to the assumption that the current version could be affected.

The current version of Flash for Windows, Linux, Mac and Solaris has been available for download from Adobe’s web page since the beginning of April. Apple recently deployed the current version for the Mac platform in an update. If you want to be extra sure you can use FlashBlocker or NoScript to block Flash applets at least in Firefox.

Source: Heise Security

You must be logged in to post a comment.