PSA: Please update your flash plugin!

From: Theodore Ts'o
Date: Thu Jul 29 2010 - 22:50:49 EST

Next message: Axel Lin: "[PATCH] backlight: use __devinit/__devexit for theplatform_driver.probe/remove handler"
Previous message: Tetsuo Handa: "Re: [AppArmor #7 0/13] AppArmor security module"
Next in thread: Justin P. Mattock: "Re: PSA: Please update your flash plugin!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is a public service announcement --- if you are running Flash 10.0,
make sure you upgrade to 10.1. Flash 10.0 has a horrible security
vulnerability:

http://www.adobe.com/support/security/bulletins/apsb10-14.html

I have Google Analytics running on the ksummit2010 website, and in
addition to discovering that 59% used Firefox and 25% were using Chrome,
and that the most popular screen resolution was 1280x800 followed by
1280x1024, etc. --- I also was able to find that while 59% were running
Flash 10.1, over 40% of the visitors to the ksummit2010 web site were
running a vulnerable version of Adobe flash, which has a remote code
execution vulerability.

If you were visiting that site from your development system, which you
use to push changes to a subsystem maintianer, or even Linus, hopefully
I don't need to tell you what a bad idea it is to leave yourself open
and vulnerable like this. (This particular security problem with Flash
has been announced for almost 2 months at this point!)

- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Axel Lin: "[PATCH] backlight: use __devinit/__devexit for theplatform_driver.probe/remove handler"
Previous message: Tetsuo Handa: "Re: [AppArmor #7 0/13] AppArmor security module"
Next in thread: Justin P. Mattock: "Re: PSA: Please update your flash plugin!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]