Windows XP SP3 Ships with Vulnerable Flash Player

Microsoft’s Windows XP Service Pack 3 (SP3) includes an older version of Adobe’s Flash Player that’s vulnerable to recently-spotted attacks.

Windows XP SP3 includes Flash Player, a version released by Adobe Systems Inc. in December 2007. That version of Flash Player, however, was superseded by Version on April 8, nearly two weeks before Microsoft decided SP3 was done by giving it a release to manufacturing (RTM) label and sending it out for distribution.

Adobe has confirmed that version, included with XP SP3, is vulnerable to the ongoing attacks, which have originated from Chinese servers. Users have been attacked after visiting legitimate Web sites that had been hacked using now-common SQL-injection attacks.

Late Monday, Microsoft declined to answer questions about Flash, including why it wasn’t able to add the newest version to XP SP3 and what advice it would give users.

Source: Computerworld

Filed under Enterprise Software | Tags: , , , | Comment Below

Leave a Reply

Protected by Comment Guard Pro