I'm sceptical it will ever reach the point of having viruses *unless you deploy in projector.exe*
The reason i say this, is i think the only way flash executes the swf files is via the flash player, and that being a sandboxed solution (in that you can't "run" executables, scripts outside the flash player). Its kind of hard to see how a virus or a "read" can be done outside the boundaries of flash player, seen as though its security keeps in toe with IE's .. ie You can't read from a persons HDD period. Scott. ----- Original Message ----- From: <[EMAIL PROTECTED]> Newsgroups: cfaussie To: "CFAussie Mailing List" <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 8:59 AM Subject: Multiple vulnerablities in Flash player > > > This email is to be read subject to the disclaimer below. > > Hi all, > > A couple of days ago Macromedia released a critical update to Flash player, > and I think it's a really good idea to install it. The update fixes several > buffer overflows and methods of bypassing the sandbox. Now we all know how > powerful Flash is, imagine what it could do if misused. > > I think Flash is mature enough that it's possible to write a worm in it > that spreads by email, reads your files, accesses your microphone / webcam, > steals your files and poisons your cat. And with a 75% install base, IMHO > it's only a matter of time... What do you all think? > > Anyway, here's the link for the Macromedia bulletin: > http://www.macromedia.com/v1/handlers/index.cfm?ID=23821 > > Cheers, > Vik > --------------------- > Viktor Radnai > Web Developer, National E-Commerce, Ernst & Young > Direct: +61 2 9248 4361 > > -- Even paranoids have enemies > > -------------------- > NOTICE - This communication contains information which is confidential and > the copyright of Ernst & Young or a third party. > > If you are not the intended recipient of this communication please delete > and destroy all copies and telephone Ernst & Young on 1800 655 717 > immediately. If you are the intended recipient of this communication you > should not copy, disclose or distribute this communication without the > authority of Ernst & Young. > > Any views expressed in this Communication are those of the individual > sender, except where the sender specifically states them to be the views of > Ernst & Young. > > Except as required at law, Ernst & Young does not represent, warrant and/or > guarantee that the integrity of this communication has been maintained nor > that the communication is free of errors, virus, interception or > interference. > > Liability limited by the Accountants Scheme, approved under the > Professional Standards Act 1994 (NSW) > -------------------- > > > > > --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/
