Hello all,

There's been a problem found with Macromedia Flash and IE/Opera, here's a snipett from a Panda AV newsletter:

Madrid, December 18, 2003 - Macromedia has released a new version of Macromedia Flash Player to resolve a vulnerability -discovered in Internet Explorer and Opera- which could be used to access certain local files.

Although the problem has been detected in Internet Explorer and Opera, an attacker could exploit it in combination with the local Flash data file to access other information stored on the affected system.

The update supplied by Macromedia stores Flash files in a way that they cannot be accessed by applications other than Flash Player, preventing applications such as Internet Explorer or Opera from using them. This stops an attacker from exploiting vulnerabilities in these browsers to access -via Flash files- other information on the system.

Macromedia has classified the update as 'important' and recommends that users install it. This is all the more important bearing in mind that at present there are no patches for the vulnerabilities in Internet Explorer and Opera.

The new Macromedia Flash Player (7,0,19,0) is available at: http://www.macromedia.com/go/getflashplayer

More information from:
http://www.macromedia.com/devnet/sec...mpsb03-08.html


RRP