供稿种子请大家尽快更新Adobe Flash Player至最新版
首先,赶紧将Flash Player更新到最新版本。
Flash Player有一个漏洞可被坏人利用,可使攻击者在用户电脑上运行未经授权的软件,并有可能导致用户浏览器崩溃。原本Symantec认为此漏洞还会影响最新版的Flash player,后经确认此漏洞只影响9.0.115.0以及更早的版本。
此漏洞貌似已经被广泛利用,大家要注意啊!
根据ShadowServer的监测,他们发现的部分利用此漏洞的网站和有害SWF文件:
请绝对不要访问以下链接,因为它们可能包含有害程序并危害你的电脑:
Domain & IP: www.play0nlnie.com [125.46.104.172]
Malcious SWF: hxxp://www.play0nlnie.com/pcd/topics/ff11us/20080311cPxl31/WIN%209,0,115,0ie.swf
Malware URL: hxxp://www.play0nlnie.com/ax.exe
Malware MD5: 94237921f585b9926a4d37bd43a4b101
Domain & IP: www.tongji123.org [60.190.118.43]
Malcious SWF: hxxp://www.tongji123.org/i1231.swf
Malware URL: hxxp://www.tongji13.org/soc.exe
Malware MD5: d06728a40f94710ad45415cc43f58d0d
Domain & IP: www.dota11.cn [221.206.20.145]
Malcious SWF: hxxp://www.dota11.cn/4561.swf -> hxxp://www.woai117.cn/WIN 9,0,115,0i.swf [new domain, same IP]
Malware URL: hxxp://www.woai117.cn/117.exe
Malware MD5: 6be5a7b11601f8cb06ebba08c063aa09
Domain & IP: www.woai117.cn [221.206.20.145]
Malcious SWF: hxxp://www.woai117.cn/4561.swf -> hxxp://www.woai117.cn/WIN 9,0,115,0i.swf [new domain, same IP]
Malware URL: hxxp://www.woai117.cn/117.exe
Malware MD5: 6be5a7b11601f8cb06ebba08c063aa09
Domain & IP: user1.12-27.net [121.10.108.28] & 513389.cn [121.10.108.28]
Malcious SWF: hxxp://user1.12-27.net/flash1.swf
Malware URL: hxxp://513389.cn/bak.css
Malware MD5: 5b1d4b0c29a95a51f23caa07ef0fafb0
Domain & IP: bb.wudiliuliang.com [59.34.197.14] & www.iphone001.com [74.222.134.204] & qisihuisheng.net [66.186.58.234]
Malcious SWF: hxxp://bb.wudiliuliang.com/ie1.swf -> www.iphone001.com/ie/WIN 9,0,115,0i.swf
Malware URL: hxxp://qisihuisheng.net/swf/sw.exe
Malware MD5: cd5c9a6de9b2e987e0fc951c784c3816
Domain & IP: ageofconans.net [59.34.197.14]
Malcious SWF: hxxp://ageofconans.net/4561.swf -> hxxp://ageofconans.net/WIN 9,0,115,0i.swf
Malware URL: hxxp://ageofconans.net/flash.exe
Malware MD5: 666378fad8b2c8476320066e52d29498
Domain & IP: www.guccime.net [121.10.105.109]
Malcious SWF: hxxp://www.guccime.net/i1231.swf
Malware URL: hxxp://www.guccime.net/0.exe
Malware MD5: 7806c353c9643b85d9a7229be7273de0
Domain & IP: user1.isee080.net [121.10.105.109] & user1.12-26.net [121.10.105.109]
Malcious SWF: hxxp://user1.isee080.net/flash1.swf
Malware URL: hxxp://user1.12-26.net/bak.css
Malware MD5: 7806c353c9643b85d9a7229be7273de0
Domain & IP: www.zuoyouweinan.com [66.186.58.234] & bb.wudiliuliang.com [59.34.197.14]
Malcious SWF: hxxp://www.zuoyouweinan.com/exe.swf
Malware URL: hxxp://bb.wudiliuliang.com/1.exe - 404 not found
Malware MD5: N/A
Domain & IP: www.psp1111.cn [60.190.118.66]
Malcious SWF: hxxp://www.psp1111.cn/flash/versionie.swf -> hxxp://www.psp1111.cn/flash/WIN%209,0,115,0ie.swf
Malware URL: hxxp://www.psp1111.cn/test.exe
Malware MD5: e082868ee2f7ef2c7a955913451a7f01
Domain & IP: www.lkjrc.cn [121.10.107.64] & www.nokia8.com.cn [121.10.107.64]
Malcious SWF: hxxp://www.lkjrc.cn/i1232.swf
Malware URL: hxxp://www.hokia8.com.cn/abe.exe
Malware MD5: 2a733d134cea947cb18f95f2d4b5de3f
根据ShadowServer的报告,很多网站利用此漏洞试图在用户的电脑上执行有害程序,其中经ShadowServer测试确实利用了漏洞的swf文件名有:
ie1.swf
ie2.swf
1231.swf
1232.swf
4561.swf
4562.swf
i1232.swf
i1231.swf
flash1.swf
flash2.swf
WIN 9,0,115,0i.swf
WIN 9,0,115,0f.swf
WIN%209,0,115,0ie.swf
WIN%209,0,115,0ff.swf
当然这些文件名并不是固定的…但是也可以作为一个参考…
解决这个问题的最佳办法就是更新你的Adobe Flash Player到最新版本,请尽快更新吧~
![[cusFace:3]](http://zuoshen.com/wordpress/wp-includes/images/smilies/40.gif)
这是誰...![[cusFace:6]](http://zuoshen.com/wordpress/wp-includes/images/smilies/15.gif)
图不错...
| 
May 30th, 2008 at 7:39 am
前几天就更新了,360提示。
我的电脑现在是裸奔,速度 :razz:
[Reply]
Donald Reply:
May 30th, 2008 at 10:24 am
哈哈,裸奔绝对速度够快~我有点想重装系统了…有点慢…
[Reply]
May 31st, 2008 at 5:17 am
360 确实提示了~
看上去相当危险
[Reply]
Donald Reply:
May 31st, 2008 at 9:52 am
嗯,确实是导致无任何提示的不明文件下载…这种漏洞我看对个人用户来说是最可怕的…下载的东西这就各种各样了,各种木马估计居多…
[Reply]