Wirehead Studios

General Discussion => Rants and Randomness => Topic started by: Phoenix on 2009-02-26, 02:29



Title: Serious Security Flaw in Adobe Flash
Post by: Phoenix on 2009-02-26, 02:29
Quote
According to iDefense Labs, remote exploitation of the vulnerability in the Flash player could allow an attacker to execute arbitrary code with full user privileges. That means anything you could do with your PC, the attacker could, too.
http://tech.yahoo.com/news/nf/20090225/tc_nf/64910

Be careful what you click on. If you're using a Mozilla-based browser, I highly recommend the NoScript extension, which allows powerful control over JavaScript and blocks Flash by default. You can easily whitelist trusted sites.


Title: Re: Serious Security Flaw in Adobe Flash
Post by: Moshman on 2009-03-02, 01:20
What the shit?
You mean to tell me that if there's some stupid advertisement in flash, someone could use that .swf to control my PC, even get my personal infos?

Damn.
/installs NoScript extension


Title: Re: Serious Security Flaw in Adobe Flash
Post by: ReBoOt on 2009-03-02, 07:41
I'm looking forward to fixing these computers once compromised :P..or not..but then again I usually like hackers n virus makers since they create work for us, even though removing viruses and exploits ain't that much my favorite, but moneys is moneys :)

Anyways time to update your flash ppls!


Title: Re: Serious Security Flaw in Adobe Flash
Post by: Pigwidgey on 2009-03-08, 04:25
Thank god I have antivirus, antispy, identity theft protector, and computer repair plus firewall all running 24/7 on my computer. :doom_thumb:


Title: Re: Serious Security Flaw in Adobe Flash
Post by: Angst on 2009-03-08, 19:05
It's actually notably worse than a number of places will credit.

I've had a number of machines recently succumb to this particular exploit. Between Java, Flash, and Adobe Reader.

Any one of the 3 above is a potential infection vector right now, and one of the more popular bugs caught in this fashion is good ol' Virtumonde. Occasionally you'll catch a search redirect or popup app on top of it.

Malware is easy enough to clean, but Virtumonde annoys the !#$% out of me. Academically, it's a tenacious bug, but it's a tough one to protect against and reinfection is all but guaranteed. I've had strains of this bug go so far as to pose as a legitimate cached Windows update, being almost undetectable until you reboot and find yourself reinfected. On top of that, if you get one of the particularly nasty ones, it will also disable any and all antivirus software, as well as updates, and even the domains associated with useful removal tools.

FYI, I believe there was a remote infection exploit involving this as well, allowing a 3rd party to infect ads and the like.


Title: Re: Serious Security Flaw in Adobe Flash
Post by: Phoenix on 2009-03-08, 20:45
You know you never had this problem with the old Atari 2600...


Title: Re: Serious Security Flaw in Adobe Flash
Post by: fourier on 2009-03-08, 22:20
Quote from: Angst on 2009-03-08, 19:05
It's actually notably worse than a number of places will credit.

I've had a number of machines recently succumb to this particular exploit. Between Java, Flash, and Adobe Reader.

Any one of the 3 above is a potential infection vector right now, and one of the more popular bugs caught in this fashion is good ol' Virtumonde. Occasionally you'll catch a search redirect or popup app on top of it.

Malware is easy enough to clean, but Virtumonde annoys the !#$% out of me. Academically, it's a tenacious bug, but it's a tough one to protect against and reinfection is all but guaranteed. I've had strains of this bug go so far as to pose as a legitimate cached Windows update, being almost undetectable until you reboot and find yourself reinfected. On top of that, if you get one of the particularly nasty ones, it will also disable any and all antivirus software, as well as updates, and even the domains associated with useful removal tools.

FYI, I believe there was a remote infection exploit involving this as well, allowing a 3rd party to infect ads and the like.

Could not agree more.  Virtumonde is the second most irritating virus I've ever encountered, and it seems to be all over people's computers.

The only virus more agitating (to me at least) really doesn't have a name.  The only file that it always has, though, is ... udxfytw.sys.  Now, to be fair, I believe the thing I encountered was actually a variant of the "normal" one, since absolutely none of the removal software could get rid of it.  I think only one thing could remove it temporarily (which means it wasn't fully removed).

My own methods were better (I think the computer lasted a full week before it came back), but in the end the only way to get rid of it (this is after checking the boot sector, looking for rootkits, restoring all system files from a backup, etc) was to do a format.

Very sad, since, for the most part, I'm able to remove viruses without having to resort to that method (although sometimes the damage done is too great and the system ends up needing a format anyway).


Title: Re: Serious Security Flaw in Adobe Flash
Post by: Phoenix on 2009-03-08, 23:13
I haven't had the misfortune to encounter either of those two, thankfully.


Title: Re: Serious Security Flaw in Adobe Flash
Post by: ReBoOt on 2009-03-09, 19:14
I know all about Virtumonde since I can't even count all the computers I've disinfected from that shit. However, it's not that hard to kill really: use the tool ComboFix, then scan with Malwarebytes Anti-Malware, and after that use Trend Micro's HijackThis! and delete any registry key referring to (no file) and delete keys pointing onto winlogon process.

Of course you use the tools at your own risk :)

So far most Virtumonde-infected computers have been infected due to lack of updating Java, so if you have Java installed (which most do) keep it updated!
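
The log review mentioned in the last post, as an added example that is not part of the thread or any poster's own tooling: a Python script that reads a HijackThis-style log and lists entries whose target is "(no file)" together with Winlogon Notify entries, so a person can check them before anything is deleted. The sample log is constructed; its names, GUIDs and paths are made up.

```python
import re

# Constructed sample in the HijackThis log layout; every name, GUID and
# path below is made up for illustration.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis (constructed sample)
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O20 - Winlogon Notify: examplentfy - C:\WINDOWS\system32\examplentfy.dll
O20 - Winlogon Notify: (no name) - (no file)
"""

# An entry line starts with a section code such as R0, O2 or O20.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")


def triage(log_text):
    """Return (line_no, code, reasons, line) for entries a person should review."""
    findings = []
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue  # header, process list or blank line, not a log entry
        reasons = []
        if m["body"].endswith("(no file)"):
            reasons.append("target is (no file)")
        if m["code"] == "O20" and m["body"].startswith("Winlogon Notify:"):
            reasons.append("Winlogon Notify entry")
        if reasons:
            findings.append((line_no, m["code"], reasons, line))
    return findings


if __name__ == "__main__":
    for line_no, code, reasons, line in triage(SAMPLE_LOG):
        print(f"line {line_no} [{code}] {'; '.join(reasons)}")
        print(f"    {line}")
```

The script only reports. Windows registers its own Winlogon Notify DLLs, so each flagged entry needs to be identified before it is removed.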