All these guys [AMD] have done is steal our ideas and copy us - Intel senior VP
|
|
|
Android smartphones vulnerable to Flash Player attacks
THERE'S A GREAT BIG SECURITY HOLE in Adobe's Flash Player on desktop and mobile systems, and hackers are already taking advantage of it.
In a warning posted on its website, Adobe said that there's a vulnerability in multiple versions of Flash Player, including the latest 10.2 version released in February. It affects Windows, Mac, Linux and Solaris operating systems.
Smartphone owners need to watch out as well, as the flaw also affects Flash Player on Android 2.2 and later.
Adobe said that the vulnerability is being exploited by hackers, who are using a targeted attack via a Flash .swf file embedded in an Excel .xls file, which is delivered as an email attachment. Adobe informed The INQUIRER that it hasn't seen Android attacks as yet.
There is also a flaw in the authplay.dll component shipping with Adobe Reader and Acrobat for Windows and Mac, but so far there are no reports of attacks against that. Adobe is in the process of creating a fix for the Flash issue, and will hopefully hurry it out as fast as it can.
Hackers attacking security vulnerabilities in Adobe Flash is not a new phenomenon. But ever since Flash Player became available on Android with the 2.2 Froyo release last year, smartphone users have become viable targets.
This is a worrying trend, but is always likely to happen due to the freedom that the Android operating system offers. With malware also affecting apps in the Android market, it might be that 2011 could become the year that Google with its mobile OS comes to truly understand the problems that Microsoft has had with securing its dominant Windows PC operating system. µ
Tags: Security
Share this:
Share
How can an exploit in MS Excel affect Android? MS don't make office for Android...
Am I missing something?
Pure garbage article.
If you live in North America, did your Iphone wake you up on time this Monday, or did it goof up again? If you don't live in NA, then it WON'T wake you up on time 3 weeks from now Monday. Again :)
Lets not let the facts get in the way of a good title
Flash 10.2 hasn't been released on Android officially yet (though 10.1 is vulnerable too), if the delivery system is Excel then the phones would still be safe. If a malicious flash site could be constructed then yes the phones could be vulnerable.
I wonder how the sandboxing of the Flash plugin is worked around?
Hopefully there will be an update on the Market soon, bugs and vulnerabilities are unavoidable. It's how quickly they're spotted and fixed that's important.
Unfortunately Adobe don't have a good record at fixing things
Did anyone catch that? It's being distributed as an email attachment? Um, not gonna be a big deal I'm guessing.
Considering I never open email attachments on my phone anyway this will not affect my android based phone.
And Sulis, you will find anyone who owns an android phone or windows mobile phone or any other phone that is capable of running flash that given this issue, they would still prefer a phone that can run flash than getting a locked down Iphone because they can make a choice themselves as to whether they want to use flash or not and not have that choice made by someone who cares more about his company than does his customers.
Dave
After so many, many articles deriding the iPad and iPhone for not including Flash, this one must have really hurt to publish.
Good for The Inq for at least swallowing their pride this time...
Could the title of this article be any more misleading? It affects all platforms not just android, and the only known exploit is in a microsoft excel document..
run Microsoft Excel on my Android device.
Or have I missed the point?
Actually, how do we get the Android update they're obviously going to publish in a hurry?