Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Flash Player dirty dozen: Adobe plugs code execution holes

By | November 10, 2011, 10:04pm PST

Summary: Adobe has slapped a “critical” rating on this bulletin and recommends that all affected users apply the patch immediately.

Adobe has issued a warning for a dozen serious security vulnerabilities in its widely distributed Flash Player software.

The security holes, which affect Windows, Mac OS X, Linux and Solaris users, could allow remote code execution attacks via rigged Flash Player files.

The company shipped Flash Player 11.1.102.55 with patches for the 12 documented vulnerabilities.

  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2445).
  • This update resolves a heap corruption vulnerability that could lead to code execution (CVE-2011-2450).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2451).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2452).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2453).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2454).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2455).
  • This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2456).
  • This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2011-2457).
  • This update resolves a vulnerability that could lead to a cross-domain policy bypass (Internet Explorer-only) (CVE-2011-2458).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2459).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2460).

Adobe has slapped a “critical” rating on this bulletin and recommends that all affected users apply the patch immediately.
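As an added example (not Adobe's code or anything from the original article), the following Python turns the twelve bulletin entries above into structured records and decides whether an installed Flash Player build is still exposed, comparing version components numerically rather than as strings; the version strings other than 11.1.102.55 are constructed inputs.

```python
import re
from typing import List, NamedTuple

# Build that carries the fixes; anything older is exposed (from the bulletin above).
FIXED_VERSION = "11.1.102.55"

# The twelve entries exactly as the bulletin prints them.
BULLETIN = """\
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2445).
This update resolves a heap corruption vulnerability that could lead to code execution (CVE-2011-2450).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2451).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2452).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2453).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2454).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2455).
This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2456).
This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2011-2457).
This update resolves a vulnerability that could lead to a cross-domain policy bypass (Internet Explorer-only) (CVE-2011-2458).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2459).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2460).
"""

class Entry(NamedTuple):
    cve: str
    weakness: str   # "memory corruption", "buffer overflow", ... or "" when the bulletin names none
    impact: str     # "code execution" or "cross-domain policy bypass"
    ie_only: bool   # the bulletin flags one entry as Internet Explorer-only

ENTRY_RE = re.compile(
    r"resolves an? (?:(?P<weakness>.+?) )?vulnerability that could lead to a? ?"
    r"(?P<impact>[^()]+?)\s*(?P<ie>\(Internet Explorer-only\))?\s*\((?P<cve>CVE-\d{4}-\d+)\)"
)

def parse_bulletin(text: str) -> List[Entry]:
    """Turn the bulletin's prose lines into structured records; an unparseable line raises."""
    entries = []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = ENTRY_RE.search(line)
        if m is None:
            raise ValueError(f"unrecognised bulletin line: {line!r}")
        entries.append(Entry(m["cve"], m["weakness"] or "", m["impact"], m["ie"] is not None))
    return entries

def parse_version(version: str) -> tuple:
    """'11.1.102.55' -> (11, 1, 102, 55): compare numerically, never as strings."""
    if not re.fullmatch(r"\d+(\.\d+)*", version):
        raise ValueError(f"not a dotted version: {version!r}")
    return tuple(int(p) for p in version.split("."))

def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed build predates the fixed one (missing components count as 0)."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

def exposure(installed: str, internet_explorer: bool) -> List[Entry]:
    """Bulletin entries an installation is still exposed to: none once patched,
    otherwise all of them, minus the IE-only bypass when the browser is not IE."""
    if not is_vulnerable(installed):
        return []
    return [e for e in parse_bulletin(BULLETIN) if internet_explorer or not e.ie_only]
```

Note that a plain string comparison would rank a constructed build "11.1.102.9" above 11.1.102.55 and wrongly report it patched; the numeric comparison catches it.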


Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

26 Comments


Do these guys even test Flash updates, before they foist them on the unsuspecting public?
@lehnerus2000

You could say the same about operating systems and browsers. Security patching won't end... ever. It's one big reason this blog even exists.
Less Code = Easier Debugging
lehnerus2000 Updated - 11th Nov
@betelgeuse68
Linux and Windows kernels have millions of lines of code.
Operating systems have to interact with multiple different programs and hardware devices (simultaneously).
Surely a "video" player doesn't.

Something like Flash, only has to present output to an OS.

IMO, programs (like browsers, Flash, etc.) have less excuse for holes, than operating systems.
@betelgeuse68
OpenSource systems almost never need security patches. Problems seem to be anticipated far ahead of time and fixed before even reaching the beta testing stage.

Perhaps proprietary coders should be paid to work in at least 1 OpenSource project before being allowed to work on proprietary systems so that they learn the discipline, best practice and high standards that are taken for granted in OpenSource projects.

Actually i don't think it's the programmers fault. I think proprietary projects are too keen to keep secrets even within a project so that coders don't really see how their part of the puzzle fits into the whole. This would seem to make proprietary stuff a breeding-ground for problems.
Regards from
Tom happy
@Tom6 wrote:
"OpenSource systems almost never need security patches."

This is neither helpful nor accurate. It's not helpful because open-source alternatives to Flash, Gnash and Lightspark, are either not available for Windows or are not (ahem, Gnash I'm looking at you) current. And the Windows desktop, with its approx. 90% market share, is where the miscreants take advantage of Flash vulnerabilities, both unpatched and 0-day.

Helpful advice for those using Flash Player on Windows would be to install Google's Chrome browser which includes the Flash Player plug-in and keeps it updated transparently. On Windows, at least, Google has also provided some protection in the form of sandboxing for the Flash plug-in. Chrome allows the user to whitelist favorite sites that require Flash which decreases one's attack surface by not allowing Flash to run everywhere. In addition, one can download, install and configure the NotScripts extension for Chrome (it's similar to the NoScript add-on for Firefox discussed elsewhere in this thread).

It's not accurate because open-source software, if it's still maintained, gets plenty of security patches. For example, Debian:

http://www.debian.org/security/2011/

Note that there have been five (5) Linux kernel updates thus far in 2011. There have also been four (4) patches for vlc, seven (7) patches for Iceweasel (aka Firefox for Debian) and five (5) patches for the Chromium browser, all popular open-source apps running on Debian. And I should know, as Debian is my primary desktop Linux system.

With regard to Flash on the Linux desktop, most desktop Linux distros do a great job of keeping it patched through their built-in package manager. In addition, many distros have open-source Flash alternatives such as Gnash and Lightspark available through either official or unofficial repositories. Most Linux users go with Flash as it generally has superior performance. However, it really depends on the web sites one frequents.

Bottom-line is that, for Windows users, Google's Chrome browser provides the safest and most secure browsing experience for Flash Player amongst all of the web browsers. Desktop Linux users can use any browser they like and enjoy both safety and security with Flash Player.
@lehnerus2000 hah....there is something better than flashplayer here: http://www.technologyfazer.com/the-razer-cloud-based-synapse-2-0.html
I would think it's impossible to test every possible combination of holes in any software that has to work in a network environment where there could be millions of possible combinations with packet requests and responses. Anything that works on a network is open for vulnerability. There will be no end to this fight. It's unfortunate that we users have to endure such risk if we want to use the system. We have to be careful and use common sense.

Jerry G.
@nomikhokher
I'm not sure how that helps with web page videos though.

@jerryg50
Agreed (sort of).
IMO, the problem is the same thing that Windows is always accused of, bloat/feature creep.

How many Notepad or Calculator exploits have you heard about?
lol, this is the reason I will never install that security nightmare flash. I use Chrome and flash will always be disabled wink
@shellcodes_coder
Consider running Firefox with the NoScript addon, it's great. You can choose to allow Flash content or anything else on a website to run, but by default nothing runs.
Agreed
mrgoose 11th Nov
@PhillyIT +1

NoScript + my other favourite addon, Adblock have revolutionised my browsing experience.

Means you, the user, choose what you see on-screen and what scripts and Flash objects you wish to allow.

Just to be safe, I run the whole lot, as a non-root user, on Kubuntu Linux and have done so for nearly five years. Care to guess how many malware infections I've had in that time? lol happy

Best wishes, G.
@PhillyIT
does that block those annoying pulse360 pop-unders?
AdBlock
mrgoose 11th Nov
@Jaytmoon

Probably a job for AdBlock rather than Noscript. AdBlock's strength is that you can "ban" an entire site or any URL on that site. Also supports wildcards. For example you can "ban" certain transparent gifs that are supposed to protect images from downloading. It also makes Yahoo and other freemail pages bearable because you can simply ban all the advertising content that you don't like

In a nutshell, once you have identified where advertising rubbish comes from, you can ban it with AdBlock, and never have to look at the bloody things, ever again! happy

Best wishes, G.
@shellcodes_coder
But, Chrome is itself spyware from Google. Better to use Firefox and NoScript, Flashblock, and perhaps Ghostery.
Stack overflow, Buffer overflow, memory corruption, heap corruption, etc, etc...
Has Adobe ever heard of a QA process?
Thankfully I don't allow their dross on any of my systems.
Has Google sandboxed Flash Player in Chrome yet?
Rabid Howler Monkey Updated - 11th Nov
Approximately a year ago, to great fanfare, Google announced its intention to fully sandbox Flash Player inside Chrome's built-in sandbox. And earlier this year, Vupen discovered a vulnerability that enabled them to break out of Chrome's built-in sandbox. According to Vupen, this vulnerability involved Flash Player (Google disagreed with this) which, at the time, had not been fully sandboxed.

Has Google completed this task? And if so, is Flash Player sandboxed inside of Chrome on all platforms, including Windows, Mac OS X and Linux?
@Rabid Howler Monkey The sandbox for Flash was and is fully implemented, at that time too. They just managed to get out of the sandbox via security holes in Flash, but they did say it was one of the most complicated exploit codes.
Mustn't be that exciting to have a job trying to fix this dodo.
Suppose I want to know if I need to update:
- what is the name of the product? Adobe Flash? Macromedia Flash? Shockwave Flash? Flash Plugin? Flash ActiveX? ... etc.
- should old versions of products with these names be uninstalled or somehow removed?
- where is the correct place to find the Flash download so that I can use IE8 to visit the (way too many) sites that don't work without Flash?
@dsomerv
1. you can get Adobe's Flash Player Uninstaller from here. Run it and it should remove the old versions:
http://kb2.adobe.com/cps/141/tn_14157.html

2. you can get the new version here:
http://get.adobe.com/flashplayer/otherversions/
Got a pushed update about an hour ago. They got an update out quickly! By the way, updates for software are par for the course!!
You can't see it, just like sheep, can you?
This article is intended to show the dark side of the new release of Flash 10.1 on both PC and mobile platforms that happened today. It intentionally shows the part that has been bad, not what has been fixed or released. They can't be objective about their announcement yesterday that Flash is dead.

By the way, you also have a very BIG BUG on this blog that you have to fix. It is also a security bug and puts my mental health at risk. I subscribed to all the email spam from you but it keeps coming. Please FIX IT!
As will Utopia, no more wars, the end to worldwide hunger, and the cure for the common cold. Until that time you have to be cautious and sensible. And by all means don't drink the Koolaid handed you from the fanboys of OS what-n-what or this-n-that.
That's still no excuse
ScorpioBlue 13th Nov
That's still no excuse for mediocre code.
Why all the headaches?
MadYank 14th Nov
For myself, I just use IE 8.0 w/MS Security Essentials, and if they detect something hinky, I don't allow it on my system. And as of Saturday afternoon, so far, so good.
It's called "Stay OUT of the minefield, dummy - and you WON'T get your feet blown off!"
While I realize this is a less-than-adventurous way of prowling around the Web, MY name isn't Spider-Man; I had enough adventure in 'Nam, thank-you-very-much. These days, I do MY venturing in a game of D&D!
