Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Adobe Updates for Flash Player. More info can be found here --> SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Updates for Flash Player. More info can be found here -->

New Flash updates have been released today.  In addition to this there have been some good changes for flash on firfox with the addition of the sandbox.  More info on the sandbox and a good explanation can be found here



392 Posts
ISC Handler
Jun 9th 2012
On a semi-related note, has anybody else noticed an increase in probings for the Adobe Flex crossdomain.xml files on non-Flex websites? We have a rule on our web app firewall that looks for 404 responses from the web server, blocks the connection and alerts us. The rule serves two purposes: It alerts us to breaks in web applications and it alerts us to people poking around.

For the past few months we're seeing our non-Flex HTTPS-only web servers getting probed for the presence of that file.The Adobe SWF file on the client computer is what normally makes that request. So somebody probing for it outside of a SWF application means someone is looking specifically for Flex websites. The IP addresses doing this in the last week are all from providers of residential Internet access. No companies or search engines.

Sign Up for Free or Log In to start participating in the conversation!