Adobe Flash Player再現(xiàn)高危漏洞 - 90%用戶受影響

Win7之家（ afsion.com.cn）：Adobe Flash Player再現(xiàn)高危漏洞 - 90%用戶受影響

國外著名安全建議機構secunia今日稱發(fā)現(xiàn)一個Flash相關0-day攻擊，幾乎所有的Windows用戶都將受到安全威脅。Secunia 稱自家安裝了安全軟件Personal Software Inspector (PSI)的90萬名用戶中，有92%安裝了Flash Player 10，與此同時還有31%同時安裝了Flash Player 9，而爆出的0-day攻擊Flash版本號跨度相當大——從9.0.159.0一直到10.0.22.87，Adobe公司將于周四發(fā)布補丁修補此漏 洞。

同 樣安裝了Adobe Reader和Abode Acrobat的用戶也受到此次0-day攻擊的威脅，因兩款軟件都在PDF文件里內建了Flash內容支持。Adobe公司目前已經獲知了改漏洞，稱將 于7月30日發(fā)布針對Flash的補丁，于7月31日發(fā)布針對Adobe Reader和acrobat的補丁。

原文如下：

More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, a Danish security company said today.

According to Secunia, 92% of the 900,000 users who have recently run the company's Personal Software Inspector (PSI) utility have Flash Player 10 on their PCs, while 31% have Flash Player 9. (The total exceeds 100% because some users have installed both.)

The most-current versions of Flash Player -- 9.0.159.0 and 10.0.22.87) -- are vulnerable to hackers conducting drive-by attacks hosted on malicious and legitimate-but-compromised sites. Antivirus vendors have reported hundreds, in some cases thousands, of sites launching drive-bys against Flash.