Adobe flash zero-day exploit underway
There is a previously unknown security vulnerability (thus, “zero-day”) in Adobe’s Flash Player that malware authors (“the bad guys”) are exploiting to infect computers that happen across infected sites (think mad pop-ups, password sniffers, keyloggers, viruses, trojans, data loss, endless headaches, etc.). Since Flash Player is extremely popular, everyone will probably be subject to this attack.
A report on SecurityFocus, a leading security-research website, reveals the widespread problem at hand:
More information can be found at the following sites:Continued investigation reveals that this issue is fairly widespread. Malicious code is being injected into other third-party domains (approximately 20,000 web pages), most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.
To prevent being exploited, you may wish to uninstall Adobe Flash Player from your computer until Adobe releases an update, or temporarily disable it with extensions such as NoScript for FireFox.