The Channel logo


By | John Leyden 8th November 2005 15:34

Flash, bang, wallop - you're own3d

Macromedia patches 'critical' security bug

Security researchers have discovered a vulnerability in Macromedia's Flash Player that creates a mechanism for hackers to attack the PCs of users running the popular application. The security bug - described as critical - affect Macromedia Flash Player 6.x and 7.x. Macromedia has issued security updates.

The flaw stems from a failure to reject malformed SWF files as invalid. This bug might be exploited by using specially crafted (malformed) SWF file to execute arbitrary code on the machines of users induced into visiting sites under the control of hackers.

Flash Player version and prior on the Windows platform, and in versions prior to on Unix, are reportedly vulnerable. Users are advised to upgrade to Flash Player 8 ( or apply a Flash Player 7 update ( or in order to guard against possible attack. An advisory from Macromedia explaining the security glitch can be found here. The bug was independently discovered by Fang Xing of eEye Digital Security (advisory here) and Bernhard Mueller of SEC Consult (advisory here). ®

alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


Suit-and-tie-wearing man tries to meditate, take deep breaths in faux yoga pose. Photo by Shutterstock
Emotional intelligence, not tech skills, is the way to woo suits
League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe