Adobe Flash Player再现高危漏洞 - 90%用户受影响

Win7之家（ www.win7china.com）：Adobe Flash Player再现高危漏洞 - 90%用户受影响

国外著名安全建议机构secunia今日称发现一个Flash相关0-day攻击，几乎所有的Windows用户都将受到安全威胁。Secunia 称自家安装了安全软件Personal Software Inspector (PSI)的90万名用户中，有92%安装了Flash Player 10，与此同时还有31%同时安装了Flash Player 9，而爆出的0-day攻击Flash版本号跨度相当大——从9.0.159.0一直到10.0.22.87，Adobe公司将于周四发布补丁修补此漏 洞。

同 样安装了Adobe Reader和Abode Acrobat的用户也受到此次0-day攻击的威胁，因两款软件都在PDF文件里内建了Flash内容支持。Adobe公司目前已经获知了改漏洞，称将 于7月30日发布针对Flash的补丁，于7月31日发布针对Adobe Reader和acrobat的补丁。

原文如下：

More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, a Danish security company said today.

According to Secunia, 92% of the 900,000 users who have recently run the company's Personal Software Inspector (PSI) utility have Flash Player 10 on their PCs, while 31% have Flash Player 9. (The total exceeds 100% because some users have installed both.)

The most-current versions of Flash Player -- 9.0.159.0 and 10.0.22.87) -- are vulnerable to hackers conducting drive-by attacks hosted on malicious and legitimate-but-compromised sites. Antivirus vendors have reported hundreds, in some cases thousands, of sites launching drive-bys against Flash.