Flash flaws found and fixed

Submitted by Rollie Hawk on Tue, 2005-11-08 10:29.

Have you noticed an icon in your system tray lately giving a subtle hint at a Flash update? If you planned on just waiting for the next feature-rich update to Flash before taking the time to click that icon, you may want to go ahead and do it. This isn't your average Flash update but rather the fix for a flaw that even Macromedia has labeled "critical."

According to Macromedia, this flaw was pointed out by SEC Consult and eEye Digital Security. Both of their respective advisories date the discovery of this flaw back to June 27 of this year and eEye measures patch development at 130 days.

The nature of this flaw is that the execution of arbitrary code is made possible via an improper memory access vulnerability. Current releases of Flash 7 and Flash 8 are now said to be patched.


( categories: News | Security/Privacy )
Rollie Hawk is a consultant, web publisher, online personality, magazine writer, web developer, network administrator, teacher, husband and father residing in southern Illinois. He graduated in 2002 from Southern Illinois University, earning his BS majoring in math with a minor in chemistry.

Rollie is a certified math teacher with endorsements in chemistry, physics, and physical science and has taught students of all age groups and abilities, ranging from grade school to the university level. In addition to math and science, he has also taught GED, job skills, and alternative high school classes (his personal favorite).

After the birth of his daughter in 2004, Rollie decided to spend more time at home. This meant leaving his teaching position and devoting his working hours exclusively to consulting, web development, and general IT work.