NEWS CENTER

By Anchiva RapidRX Labs,  on July 24,2009

Adobe announced on July 22 that a new critical vulnerability appeared in its all versions of Flash Player installed in Windows, Macintosh, and Linux operating systems. This flaw behind the Flash Player existed in the application’s component authplay.dll, allowing attakers to take the full control of user computers to execute any possible command.(see Adobe Security Advisory ).

 

The Trojan exploiting the flaw has now been detected and blocked, according to Anchiva RapidRX Labs. The Trojan was sent to users via email in a PDF file and the open of the file triggered the attack code which dropped the Trojan into the system. The PDF was detected by Anchiva as Exploit/SWF.Pidief.54B6. The Trojan it contains can send screen grabs of user desktop to the attacker’s website which was also blocked by Anchiva for protecting users from further attacks.

 

Up to now Adobe has falied to provide any patch to fix the vulnerability till July 30. Prior to getting the patch, users are strongly adviced not to open any suspicious unknown PDF files to avoid Trojan infection likelihood.