Adobe Systems Inc fixed holes in its Flash player that netted one hacker the $5,000 Pwn to Own prize
By: Captain Maverick
Published: Apr 9, 2008
Updated: Sep 2, 2010
Adobe Systems Inc. released the fixes Tuesday that plugged the holes used by one hacker two weeks ago to win the $5,000 prize in the "Pwn to Own" challange. This was a contest where hackers were to take down a Windows Vista machine using any exploit possible where one hacker got in by way of Adobe's Flash Player.
Adobe patched seven vulnerabilities including several that could be used to hijack machines running the flawed software. One of the patches fixed a flaw found during a hacker contest sponsored by 3Com Inc.'s Tipping Point. It operates a bug bounty program called Zero Day Initiative to identify software flaws that can be termed critical.
The majority of the flaws in the Flash Player were cause by the way the player handled the .swf files, which are the Shockwave Flash format files. One of the flaws had been reported to Adobe in December of 2007 by Google Inc., which said that the bug could be used to launch a cross-site scripting attack. This is an attack commonly used by identity thieves and phishers.
You can share this Adobe news story with your friends or family from our Technology section. This article can be shared through e-mail or sent to online social Web sites including Twitter, Facebook, MySpace and others. You can choose from one of the options below.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Welcome!