Security researchers have disclosed an unpatched vulnerability in the latest version of Adobe Shockwave that allows attackers to remotely execute malicious code on end user machines. The memory corruption vulnerability can be exploited by booby-trapped movie files, making it possible for attackers to take full control of …
Just to clarify...
"making it possible for attackers to take full control of machines"
We're talking about running as the logged in user, right? (I suppose it is possible that there's a built-in privilege elevation attack as well, but that would be a tad unfortunate even by Adobe's standards.)
Still, that's probably enough privilege to empty their bank account.
re: Just to clarify...
But where we're talking windows a fairly high % will be logged in with admin rights anyway, so full control is right for a high %. In corporate environments it will be slightly different, but for home users and a lot of small businesses compromise of the logged in user will inevitably give control over the machine. M$ are partly to blame with the default detup, at least in XP being an admin account, but then you get all of the apps that small businesses seem to love that plain don't work without admin rights. Interestingly FSA applications seem to be the worst offenders here - then there's the laptop users who must have admin rights 'so they can install anything they need when they're not in the office' :(
Re: talking Windows
Well, yeah, and I half expected someone to say that, but...
If you run as a regular user and use the "Run As" to put your browser in a sandbox, you are significantly more secure than the language of the article would suggest. I do sometimes wonder if we do enough to raise awareness of that.
The average user isn't even going to read this article. They will probably never find out that there is a vulnerability and since the fix won't be carried on Microsoft Update they probably won't be patched and will end up with a machine that pumps spam and porn in its spare time. But what if we were all more pedantic with our descriptions? Expressions like "logged-in user" and "privilege escalation" are sufficiently odd that (if we used them more often) end-users might bother to ask (or google) what they mean and why we care.
The current situation leads to mindset where every vulnerability is the end of the world and there's no point in ordinary users taking any precautions. There's gotta be a better way.
Not quite sure what you're expecting. Only disclosed on Thursday and still unpatched. What, is this slovenly or something, or should it have been patched, and then there would be no story. Perhaps a list of the booby trapped videos would be more helpful, so we all know what to avoid, or should we just uninstall Shockwave and totally disconnect from the internet, until either Shockwave is patched, or the booby trapped videos are removed, whichever is quicker.
I still don't understand why your focusing on the software and vendor for things that aren't under their control, if in theory Shockwave or any type of software could be coded to prevent every single permutable threat, then every one would be complaining about bloat, and your home pc/laptop/netbook/tablet alone would need to run it's own datacentre just to function. Not exactly the sort of thing you can just tuck away in the corner of your room really.
Happy zero-day to you
Happy zero-day to you
Happy zero-day dear Adoooooooobeeeeeee
Happy zero-day to you
is the article talking about Shockwave, as in things made using Director (which I thought died about a decade ago)?
And is the bit at the end about 'a plugin called Shockwave Flash' tongue-in-cheek or does the author really not know that the name Shockwave Flash is a historical artefact, and in fact every single 'normal' Flash player is really called Shockwave Flash (hence Flash movies having the extension '.swf')
I'm probably being thick. Is this the first example in history of an English person (me) not understanding the irony of an American (author)?
Oh look, another severe software security flaw from Adobe.
That's never happened before!
re: There are also many examples of MS fixing security flaws in record time.
That was an hour ago, what about now?