First Shockwave virus (amazing shite)

[Matty_Cross]

Macromedia will release a workaround to disable the file association between Flash files and the local Flash player within a couple of days, Macromedia's Santangeli said. In addition, the company plans to close the hole in the player by the next version.
Quote from C|Net article

I would really have to ask, what kind of a work around is disabling the file associations. If the user is a flash developer, (and you know there are lots of them) then this will just get in be a nuisance.


quote:
--------------------------------------------------------------------------------
The virus, dubbed SWF/LFM.926, is low risk because it must be downloaded manually and cannot spread itself to other computers over e-mail or through Web browsers like many other viruses can, experts said.
--------------------------------------------------------------------------------

Ever been to Joe Cartoon ? This site is packed with flash animations for which its easy for a general user to download and play later from their computer.
While this Flash virus is just a proof-of-concept virus, and has a low spread threat, it is still a danger, as flash is one of the most common things found on the internet.
I have seen people who can't even send emails properly figuring out how to leech the flash animations off sites.. its not hard to do, and they share them... this makes the propagation of the virus a lot easier...

[Conf1rm3d_K1ll]

Originally posted by Matty_Cross


I have seen people who can't even send emails properly figuring out how to leech the flash animations off sites.. its not hard to do, and they share them... this makes the propagation of the virus a lot easier...

How very true....


"Hey look everyone! Frog in a blender! How funny! Lets double click it! That's the funniest thing I've seen!............How come my PC wont boot?"


Remember The Preacher telling us about people on his network using Tiny Firewall? "What's this Sub7 thing that keeps asking for access? I'd better just let it so it stops bothering me."


You can have the best security in the world but most vulnerabilities come come from the inside.......Mainly, peoples stupidity or ignorance.

[Vorlin]

I would really have to ask, what kind of a work around is disabling the file associations. If the user is a flash developer, (and you know there are lots of them) then this will just get in be a nuisance.

It's exactly that, hehe...a 'workaround' whereas an actual "fix" would involve a code change or something of the kind, not just disabling something. Programmers are often stuck in meetings and spending less than half their day actually programming and still expected to meet deadlines so they end up hurrying to make it and overlook something invariably important. This is just the beginning I'm afraid and now it's time for people like us to step up and figure out how these things work so we can fix them. Being one step ahead of the game is a good thing and this is where open source really shines. That's just my opinion though...

[Maverick811]

Conf1rm3d_K1ll had it right by saying that the threat a lot of times comes from users from within your network. You can place a lot of security on the perimeter, but there are some things that your users can do to still infect systems. And the bad thing, they don't know the difference; we try to educate them, but that's never 100%. We just have to constantly be on our toes and watching out as best as we can. Viruses are just something we will be living with - whether it's a simple script file that comes in via email or the newly recognized Flash exploits (although not a huge problem now, but potentially could be). We'll just have to deal with them.

[Matty_Cross]

Originally posted by Vorlin


It's exactly that, hehe...a 'workaround' whereas an actual "fix" would involve a code change or something of the kind, not just disabling something. Programmers are often stuck in meetings and spending less than half their day actually programming and still expected to meet deadlines so they end up hurrying to make it and overlook something invariably important. This is just the beginning I'm afraid and now it's time for people like us to step up and figure out how these things work so we can fix them. Being one step ahead of the game is a good thing and this is where open source really shines. That's just my opinion though...

Well, generally, workarounds are to allevate the problem that is faced, but in a temporary manner, whereas the fix is the solid solution to the problem.

I don't see this as being a workaround, as it doesn't actually help anything. It just makes the problem more unbearable by taking away from the functionality of your system.

But that's just my view on the matter.
Rather than applying the workaround, I think I'll just wait for my antivirus software to detect it.

[Vorlin]

Rather than applying the workaround, I think I'll just wait for my antivirus software to detect it.

Yeah, hehe...aren't those guys pretty much on top of it all? Then again, for all we know, these "virus writers" could very well be on the antivirus' companies payroll (not like that hasn't been brought up countless times, haha).

[Maverick811]

Originally posted by Vorlin


Yeah, hehe...aren't those guys pretty much on top of it all? Then again, for all we know, these "virus writers" could very well be on the antivirus' companies payroll (not like that hasn't been brought up countless times, haha).

You know, I've wondered that before, hmmm How would we ever know? The same goes for releasing things like movies, music CD's, etc, before they are even released to the public - somebody is corrupt working from the inside and giving this stuff out. So I wouldn't be at all surprised if there were some virus writers working at antivirus companies. Who knows