aberflasm
Posted March 2, 2002

New Macromedia 5 trojan

A new technique for embedding malicious code in Flash files has been discovered, prompting Macromedia to patch its standalone Flash player.

Using an undocumented feature in the Flash 5 authoring tool, a Macromedia customer found it was possible to create a "Trojaned" Flash movie that, when viewed using the standalone Flash player, would place a malicious script on the viewer's computer.

An advisory and a harmless demonstration of the new flaw were posted on the Web this week by the Macromedia customer, who uses the nickname Vengy.

According to Vengy, Flash 5 supports an undocumented ActionScript command called fscommand:save that enables Flash developers to save the main timeline variables of a movie to a file.

Vengy's demo showed how the "save" command could be used to create a batch program on the hard disk of Flash standalone player users who viewed a movie containing the Trojan horse code. In the demo, the Trojan program executed when the victim rebooted his or her computer.

A Macromedia representative today said the company released an updated version of its standalone Flash player Monday, and that the "save" feature would be removed from future versions of the player.

*** NOTE: read this in an intelligentx newsletter.