Date: Thu, 29 Jul 2010 22:50:38 -0400
Message-Id: <E1OefgE-0005vu-JN@tytso-glaptop>
To: linux-kernel@vger.kernel.org,
        ksummit-2010-discuss@lists.linux-foundation.org
Subject: PSA: Please update your flash plugin!
From: "Theodore Ts'o" <tytso@mit.edu>
Phone: (781) 391-3464
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1265
Lines: 27


This is a public service announcement --- if you are running Flash 10.0,
make sure you upgrade to 10.1.  Flash 10.0 has a horrible security
vulnerability:

	http://www.adobe.com/support/security/bulletins/apsb10-14.html

I have Google Analytics running on the ksummit2010 website, and in
addition to discovering that 59% used Firefox and 25% were using Chrome,
and that the most popular screen resolution was 1280x800 followed by
1280x1024, etc. --- I also was able to find that while 59% were running
Flash 10.1, over 40% of the visitors to the ksummit2010 web site were
running a vulnerable version of Adobe flash, which has a remote code
execution vulerability.

If you were visiting that site from your development system, which you
use to push changes to a subsystem maintianer, or even Linus, hopefully
I don't need to tell you what a bad idea it is to leave yourself open
and vulnerable like this.  (This particular security problem with Flash
has been announced for almost 2 months at this point!)

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/