macromedia flash 5's new trojan



New Macromedia 5 trojan

A new technique for embedding malicious code in Flash files has been discovered, prompting Macromedia to patch its standalone Flash player.

Using an undocumented feature in the Flash 5 authoring tool, a Macromedia customer found it was possible to create a "Trojaned" Flash movie that, when viewed using the standalone Flash player, would place a malicious script on the viewer's computer.

An advisory and a harmless demonstration of the new flaw were posted on the Web this week by the Macromedia customer, who uses the nickname Vengy.

According to Vengy, Flash 5 supports an undocumented ActionScript command called fscommand:save that enables Flash developers to save the main timeline variables of a movie to a file.

Vengy's demo showed how the "save" command could be used to create a batch program on the hard disk of Flash standalone player users who viewed a movie containing the Trojan horse code. In the demo, the Trojan program executed when the victim rebooted his or her computer.

A Macromedia representative today said the company released an updated version of its standalone Flash player Monday, and that the "save" feature would be removed from future versions of the player.

***

NOTE: read this in an intelligentx newsletter.
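
For anyone triaging Flash files for the "save" command described above, here is a small scanner, added as an example and not part of the original post or of any Macromedia code. It assumes the usual SWF encoding in which fscommand calls are stored as GetURL actions with an "FSCommand:" URL, checks only frame actions (DoAction tags) in uncompressed files, and matches case-insensitively as a conservative choice; the function names and the embedded sample are constructed for illustration.

```python
import struct

DO_ACTION = 12          # SWF tag code for frame actions
ACTION_GET_URL = 0x83   # literal GetURL(url, target) action

def iter_tags(swf: bytes):
    """Yield (tag_code, body) for an uncompressed (FWS) SWF file."""
    if swf[:3] != b"FWS":
        raise ValueError("not an uncompressed SWF")
    nbits = swf[8] >> 3                      # RECT: 5-bit width, then 4 fields
    pos = 8 + (5 + 4 * nbits + 7) // 8 + 4   # skip RECT, frame rate, frame count
    while pos + 2 <= len(swf):
        (head,) = struct.unpack_from("<H", swf, pos)
        pos += 2
        code, length = head >> 6, head & 0x3F
        if length == 0x3F:                   # long tag header follows
            (length,) = struct.unpack_from("<I", swf, pos)
            pos += 4
        yield code, swf[pos:pos + length]
        if code == 0:                        # End tag: ignore trailing bytes
            return
        pos += length

def find_fscommand_save(swf: bytes):
    """Return the target string of every GetURL("FSCommand:save", target)."""
    hits = []
    for body in (b for c, b in iter_tags(swf) if c == DO_ACTION):
        i = 0
        while i < len(body) and body[i] != 0:    # 0 ends the action list
            action, i = body[i], i + 1
            if action < 0x80:                    # short action, no payload
                continue
            (n,) = struct.unpack_from("<H", body, i)
            payload = body[i + 2:i + 2 + n]
            i += 2 + n
            if action == ACTION_GET_URL:
                url, _, rest = payload.partition(b"\0")
                if url.lower() == b"fscommand:save":
                    hits.append(rest.split(b"\0")[0].decode("latin-1"))
    return hits

def constructed_sample(url: bytes) -> bytes:
    """Constructed one-frame SWF 5 whose frame action is GetURL(url, "out.txt")."""
    payload = url + b"\0" + b"out.txt\0"
    actions = bytes([ACTION_GET_URL]) + struct.pack("<H", len(payload)) + payload + b"\0"
    tags = (struct.pack("<HI", (DO_ACTION << 6) | 0x3F, len(actions)) + actions
            + struct.pack("<HH", 1 << 6, 0))     # ShowFrame, then End
    body = b"\x00" + struct.pack("<HH", 12 << 8, 1) + tags   # empty RECT, 12 fps
    return b"FWS\x05" + struct.pack("<I", 8 + len(body)) + body
```

Button actions and stack-based GetURL2 calls are outside what this scanner checks, so a clean result only covers literal frame actions.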
