Flash flaw could let hackers in

NEWS A flaw in Macromedia's flagship Flash animation software could open up Windows PCs across the world to hackers. According to Marc Maiffret, co-founder and chief hacking officer for security firm eEye, the vulnerability could allow a malicious hacker to run arbitrary code on any PC using Internet Explorer or Microsoft's email packages. Maiffret said Macromedia has now fixed the bug in the latest version of the software but that the vulnerability was still important because of the "untold" amount of Flash software already downloaded. In a message to the security community, he said: "Furthermore, this issue was found in the wild, and it is not safe to assume it could not be found by others with malicious intent. Nor do we believe it is safe to assume this has not been found by users with malicious intent." Earlier in the year the first virus was discovered which used Macromedia's other popular Shockwave platform. Maiffret advises users to download the latest version of Flash to plug the hole. This can be obtained at: http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=Shock