By Graham K. Rogers

The site at Help Net Security (Zeljka Zorz) is reporting that Microsoft researchers have uncovered that an old Flash vulnerability is being used as an attack vector and this affects users of Windows, Linux and OS X who have not yet updated. The vulnerability, they report, is in versions of flash before 11.9.900.117.

Visiting a website could trigger the download of Trojan horse malware: "A heap spray and shellcode attack is then executed, and an encrypted portable executable file is dropped on the visitor's computer."

More information on the insecurity and further links are available on the Help Net site.

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs.