There have been lot of rumours and discussions about the recent Adobe Flash Player Remote Code Execution vulnerability.The most interesting thing is that it is a cross-platformvulnerability. Due to the fact that Flash can run in different browsersand on many different platforms, the discovery of this onevulnerability could leave all those operating systems and devices thatare Flash-enabled open (e.g., including some advanced smartphones) tothe attack.
The vulnerability has already been tested on Windows, Apple Mac, andsome Linux distributions, but many other devices that are Flash-enabledcould be affected by the problem too. For example, we verified that theNintendo Wii gaming console is also affected. Wii has an Internetchannel that runs a special version of the Opera browser with Flash,and yes… we verified that it is affected by the problem too! The Wiiconsole completely hangs while browsing a specially crafted video.Security Response posted this video that shows the different effects of this bug on different platforms, including Windows, Apple Mac and finally Nintendo Wii:
The vulnerability discovered affects .FLV files, the video fileformat used by Flash. This file format has recently become hugelypopular due to the success of YouTube.com and other such sites that usethis file format to show their videos. This in itself presents anotherdanger due to the fact that malicious .FLV files can be uploaded tovideo hosting sites, at which point anyone who attempts to watch thatvideo using a vulnerable flash player will be affected.
Ultimately this means that the creator of the malicious flash filedoes not even need to host the file on his own server. Instead he canupload it to any video hosting site, and then send his victims a linkto that legitimate site. There’s already a proof-of-concept video totest the vulnerability and crash many browsers uploaded on YouTube.This situation also presents a new problem for video hosting sitesthemselves, who may need to scan all new content for malformed data andeventually sanitize the crafted videos.
While a public exploit of this vulnerability for the Windowsplatform was posted on a popular exploit Web site, there is no evidenceof public exploits for Linux or Mac so far. Of course, the possibilityof successfully executing code on Wii is still far away. But this newbug presents the console hackers with another weak point to exploittogether with the old Opera SVG bug that was reported few months ago.
To be keep yourself safe, make sure to update your Flash Player with the latest patches from Adobe.
For Adobe patches, (not for your Wii) click here.
The original advisory from Stefano Di Paola for this bug is available here.