Flash users urged to upgrade against critical flaw


Flash users urged to upgrade against critical flaw

Antony Savvas

Macromedia has admitted to a “critical” security flaw in its Flash Player software, which could allow attackers to run arbitrary code on a user’s PC.

Flash is one of the most widely used pieces of software among PC users so the impact of the flaw is potentially huge.

The flaw known to affect users of Microsoft’s Internet Explorer browser, which make up over 85% of internet users, and the small number of users who have the Opera browser. Other browser users could also be affected though.

The company has urged users to upgrade their Flash software to version which contains a fix to the problem.

Users who have already upgraded to Flash Player 8 are not affected by the problem, said the firm.

Macromedia said there is a problem with bounds validation for indexes of certain arrays in Flash Player 7 and earlier, which leaves users open to the possibility that a third party could inject unauthorised code onto their machines that would have been executed by Flash Player.

Internet security companies eEye Digital Security and Sec Consult reported the problem to Macromedia.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy