Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
Investigations are continuing around a known Zero-Day exploit of Adobe Flash Player versions 9.0.124.0 and older.
According to a Security Focus advisory recently released; “Adobe Flash Player is prone to an unspecified remote code-execution vulnerability.
An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Adobe Flash Player 9.0.115.0 and 9.0.124.0 are vulnerable; other versions may also be affected.”
The exploit consists of redirection scripts posted in infected websites. The script does a quick check of the version of Flash Player installed, based on the result it then runs an associated .SWF file (shockwave) to take control of the users computer
A further announcement from Security Focus expands on the threat indicating that though the exploit was firstly discovered in a couple of Chinese language websites, it looks to be spreading. According to Security Focus; “Continued investigation reveals that this issue is fairly widespread. Malicious code is being injected into other third-party domains (approximately 20,000 web pages), most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.”
In direct response to this issue Symantec have raised their ThreatCon indicator to 2 (medium: increased alertness). An indication that malicious code threats have reached a moderate risk level.
Network administrators should be aware of the issue and be prepared to block ip addresses in firewalls and proxy servers as they come to hand.
[UPDATE] ThreatCon has been lowered to level 1 and version 9.0.124.0 of Adobe Flash Player has been identified as rectifying this issue.
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
LATEST HEADLINES FROM YOUR IT
