#0 - Aug. 3, 2009, 8:54 p.m.
update flash: http://www.adobe.com/support/security/advisories/apsa09-03.html
or download it: http://get.adobe.com/flashplayer/
taken from site:
Q u o t e:
Recently there were a number of websites compromised due to an Adobe flash player vulnerability. This vulnerability allowed the injection of flash scripts that download keyloggers onto unsuspecting visitors' computers, opening up the potential for the player to be hacked and lose their video game account.
Thursday Adobe released an update, and it's important for everyone who has Adobe flash player installed to download this patch. If you do not, your computer and video game accounts are at risk.
Find out about the update, or download it and start installing it as soon as you can. You can also use the auto update feature within the flash player if you desire updating through that method.
Please, do this as soon as you can. This vulnerability is very real, and there are people attempting to steal accounts this very moment. Any website you visit until you've updated may be a potential threat to your computer's security.
As an extra precaution, please make sure to run virus scans on your computers to ensure they're clean of threats. The known keylogger files circulating related to this are:
a.exe
b.exe
c.exe
6to4ex.dll
There may be variations of these files we don't know about yet, so please if you detect anything else let us know.
Unfortunately, several addon pages on Curse.com were compromised due to a obscure bug in the html sanitization process. We've removed these comments and released an emergency patch to ensure that this does not happen again.
While the Curse Client remained unaffected by the attack it is still very important for all users to to follow the above steps to make sure you're no longer vulnerable to these attacks.
Please be on the alert, I hope this is not as severe as described. But since we rather be safe than sorry I am posting this just in case.
