News
Panda Security: Adobe Flash vulnerability exploited to distribute malware
May 2008 by Panda
PandaLabs, Panda Security’s malware detection and analysis laboratory, is warning of a new vulnerability in Adobe Flash which is being used to distribute malware.
Cyber-crooks are distributing .swf files (the Flash extension) crafted to exploit the new vulnerability in Adobe Flash in two different ways. In some cases, when a user visits a Web page containing one of these modified files, the browser will interpret code within the file as a command to download a certain type of malware. In other cases, the code included in the Flash file redirects the user (in the background) to a malicious Web page designed to launch new attacks against the system, and to drop malware on the computer.
Interestingly, the creators have designed codes to affect different browsers. PandaLabs has already detected the distribution of Wow.UB Trojan using this method, although the range of malicious code distributed in this way could increase over the next few hours.
PandaLabs advises users not to run suspicious .swf files, and to be on the lookout for updates published by Adobe to resolve this security problem.
