- Security update for Macromedia Flash Player -
Madrid, December 18, 2003 - Macromedia has released a new version of
Macromedia Flash Player to resolve a vulnerability -discovered in Internet
Explorer and Opera- which could be used to access certain local files.
Although the problem has been detected in Internet Explorer and Opera, an
attacker could exploit it in combination with the local Flash data file to
access other information stored on the affected system.
The update supplied by Macromedia stores Flash files in a way that they
cannot be accessed by applications other than Flash Player, preventing
applications such as Internet Explorer or Opera from using them. This stops
an attacker from exploiting vulnerabilities in these browsers to access -via
Flash files- other information on the system.
Macromedia has classified the update as 'important' and recommends that
users install it. This is all the more important bearing in mind that at
present there are no patches for the vulnerabilities in Internet Explorer
and Opera.
The new Macromedia Flash Player (7,0,19,0) is available at:
http://www.macromedia.com/go/getflashplayer
More information from:
http://www.macromedia.com/devnet/security/security_zone/mpsb03-08.html
Manse9933