A recent vulnerability has been discovered in popular web-content delivery program Adobe Flash, and it could potentially be used to target World of Warcraft players and accounts. The newest available version of Adobe Flash, version 9.0.124.0, does not contain this vulnerability, and we recommend that everyone upgrade their Flash player as soon as possible by visiting the Adobe.com download page at the link below.

http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash

In addition, to avoid exploitation of this vulnerability, we have temporarily disabled the ability to post hyperlinks in our forums. Any links will need to be copied and pasted into a browser. We’ll continue to evaluate any potential security threats and take any steps necessary to ensure a safe and fun environment.

For more information on this issue, you can read the announcements from the Adobe security team concerning the threat at the links below.

http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue_u_1.html

---

Q u o t e:
Your code preventing links doesn't work.

See http://forums.worldofwarcraft.com/thread.html?topicId=6762551361&sid=1

---

The forum script to create hyperlinks was disabled, this does not scrub old posts or links that existed before the change. The change was made to hopefully prevent a large influx of attempts to use this vulnerability before it is widely patched. Some threads may have gotten through before we disabled hyperlinks, and it is recommended that you only visit websites after updating Flash, and please report any suspicious URLs or posts using the biohazard symbol.

---

weird fishes

---

Q u o t e:
Symantec still states that:

Vulnerable: Adobe Flash Player 9.0.124 .0


:(

---

http://www.symantec.com/security_response/threatconlearn.jsp

"Adobe has released an official statement noting that Flash Player versions 9.0.124.0 aren't affected by these attacks and confirming that the SWF files are in fact leveraging this flaw. The official statement can be obtained from the following location: Potential Flash Player issue - update (http://blogs.adobe.com/psirt/) Symantec had originally observed what appeared to issues with the patched 9.0.124.0 Linux Stand-Alone and Linux Plugin versions of the software, however Adobe has informed us that the access violations observed are anticipated and by design. The following is the official list of versions affected by these attacks:
Not vulnerable 9.0.124.0
Vulnerable 9.0.115.0 and earlier"

[ Post edited by Drysc ]