Visualizador multimedia diseñado para permitirnos tener multitud de sensaciones multimedia en páginas web.

El reproductor Flash visualiza y reproduce contenidos multimedia, desde cientos de juegos interactivos, hasta conciertos en directo a través de la red. Este programa actualizará tu navegador para que soporte la reproducción de Flash sin problemas.

Permite visualizar películas interactivas realizadas con Macromedia Director (sin el uso de 3D o Lingo) y Flash, todo ello en SWF.

Descarga:

Para Internet Explorer (ActiveX)

Para otros navegadores

Adobe has created a special Flash player for the search engines that acts like a virtual user going through each application. It actually goes through the runtime of each Flash application and translates it into something the search engines can understand. So all of those fancy interactive Flash Websites and other rich Internet applications that have been invisible to search engines, can now be seen by them.

However, this technology is still young. It does allow your Flash files to be found and indexed by search engines, but it will not promise that the same pages with embedded Flash will rank high in the search rankings.

Image via Wikipedia

Το "NNDB" είναι ένας νέος σημασιολογικός "Συναθροιστής Νοημοσύνης" (Intelligence Aggregator) που φτιάχτηκε για να βοηθάει τον απλό θνητό να... φακελώνει δημόσια πρόσωπα -είτε εν ζωή, είτε όχι- ενώνοντας με έναν ημι-αυτόματο (αλλά αρκετά ευφυή) τρόπο, όλες τις βιογραφικές, ιστορικές και δημοσιογραφικές πληροφορίες που αφορούν αυτά τα πρόσωπα.

Οι πληροφορίες αυτές, είτε είναι ήδη διαθέσιμες είτε ορίζονται (από εμάς τους ίδιους) μέσα σε ένα απολαυστικό περιβάλλον με γραφικά on-line:

http://mapper.nndb.com/

Μπορούμε δηλαδή να ξεκινήσουμε το πλήρες... φακέλλωμα όλων των "μπουμπουκιών", της πολιτικής και δημόσιας ζωής, με το "NNDB mapper"!

• Μέσα σε αυτό το site μπορεί κανείς να βρει περίπου 33 χιλιάδες δημόσιους φακέλλους (με δικτυωτά διαγράμματα διασυνδέσεων και διαπλεκόμενων) δημόσιων προσώπων, οργανισμών και εταιρειών.

• Το "φακέλλωμα" (δημόσιων προσώπων) είναι ΚΑΙ δικό μας δικαίωμα, δικαίωμα του απλού πολίτη για άμυνα και αντίσταση στην Εξουσία, εφόσον οι πληροφορίες που χρησιμοποιούμε είναι δημόσιες (ούτως ή άλλως) ή είναι πληροφορίες που έχουν βγάλει -με κόπο- στο Φως της δημοσιότητας σοβαροί ιστολόγοι όπως ο Ροίδης (εδώ).
  

Δείτε τώρα το σατιρικό NNDB-γράφημα της "ΘΕΟΚΡΑΤΙΑΣ ΕΔΩ & ΤΩΡΑ" (που σίγουρα θα αρέσει πολύ και στους αγαπητούς κ.κ. Λασκαράτο και Ροίδη!):
http://mapper.nndb.com/maps/792/000001789/

Να και το διάγραμμα διασυνδέσεων του περιβόητου Dick Cheney:

http://mapper.nndb.com/start/?id=22532

Δυστυχώς, η χώρα μας έχει καλυφτεί ελάχιστα, στο NNDB Mapper. Μπορούμε όμως να "δικτυο-φακελλώσουμε" τους πάντες, αν γραφτούμε (δωρεάν) μέλη στο site.

Προς το παρόν, βρήκα μόνο το φάκελλο του Καραμανλή (κλικ εδώ), χωρίς όμως διάγραμμα διασυνδέσεων, προς το παρόν. Eκτός από το φάκελλο του Καραμανλή, δεν βρήκα τίποτα για πολλές άλλες Ελληνικές προσωπικότητες. Αλλά και οι καταχωρημένες Ελληνικές Εταιρείες δεν περιλαμβάνουν ούτε καν την Ιντρακομ.

• Κοντολογίς, για την Ελλάδα, χρειάζεται αρκετή δουλειά στο NNDB Mapper από εμάς τους ίδιους (τους πολίτες).

• ΠΡΟΕΙΔΟΠΟΙΗΣΗ: Το προχωρημένο αυτό Λογισμικό on-line, αν πέσει στα χέρια... παρανοϊκών και συνομωσιολόγων, μπορεί να γυρίσει "μπούμεραγκ" και να τους εκθέσει, αν γεμίσουν χάρτες με... "υποψιασμένες πληροφορίες" (όπως θα καταλάβετε αν δείτε και το άρθρο "NNDB mapper lets conspiracy theorists connect the dots between powerful people").

• English Summary (also for linking to other blogs through Zemanta):

NNDB is proud to announce the NNDB Mapper, a visual tool that lets you explore the connections between people. The NNDB Mapper navigates biographical data collected in NNDB -- over 32,000 individuals, with coverage linking the worlds of business, politics, science and culture.

The NNDB Mapper is a creative instrument, helping you to tell a story about the world through the people in it. Billionaire board members, political bankrollers, Hollywood scandal sex charts and more.

Related articles

• Create An Online Interactive Multimedia Magazine From Any Document With Calameo [via Zemanta]
• YouTube to Introduce High-Quality Videos [via Zemanta]
• NNDB mapper lets conspiracy theorists connect the dots between powerful people [via Zemanta]

32 bit, 64 bit and the 6 Million Dollar Man

Since the days of Windows 95, computers have been primarily based on a 32-bit operating system. In fact, up ‘til now Vista itself has been shipped in 32-bit format. The new Vista is intended to be bigger, faster, stronger - like Lee Majors, who played Steve Austin, in the Six Million Dollar Man - for those of you who remember that 70's serial. 

Why You Should Care

You may be asking, "Why does this matter - how will it affect me?". To you a "bit" is something that belongs in the mouth of a horse, not a technology thing. And as far as Flash goes, he's some comic book hero from by gone days. 

Well, here it is, plain as day. The Adobe Flash Player is not 64-bit compatible. Clear as mud, right? It means that Flash based web sites, movies, and tutorials - like ProCare Tutorials - won't run in the new Vista without a little work around. 

Download Firefox

The solution, according to Adobe, is to use a 32-bit browser, like Firefox. Then install the Free Flash Player in your new browser. You may want to make it your default browser, otherwise, Internet Explorer will still come up.

1. Download Firefox
2. Install the Flash Player
3. Change Your Default Browser in Vista (optional) 

Are you sure this isn't a ProCare thing?

Really and truly, this has nothing to do with ProCare. We are the victim here just like any of the other millions of websites that rely on Flash. This is a compatibility problem between Microsoft's Internet Explorer (which is built into 64 bit Vista) and the Adobe Flash Player. According to Adobe they are "working on Flash Player support for 64-bit platforms". 

Happy browsing and until next time, cheers! 

-Phil 

If you have questions or comments about this article (or suggestions for another article) I'd be pleased to hear from you. Drop me at note at phil@procaresoftware.com.

В крайна сметка реших да хвърля едно око и останах повече от впечатлен... нека ви покажа:

Flash Player 9 версия; Flash Player 10 версия;
Ако нямате, можете да си смъкнете съответните версии на флаш плейъра от тук (Adobe Flash Player version 9.0.124.0) и тук (Flash Player 10).

Та това по-горе беше "Bunker" demo-то и ако някой каже, че е виждал по-красиви неща в компютърни игри, ще избързам да му напомня, че всичко се случваше в реално време В БРАУЗЪРЪТ ВИ! така, че проекта на братушките е повече от впечатляващ.

Ако отидете на www.alternativaplatform.com/en/alternativa3d/ ще можете да чекнете и "Temple" demo-то.

А сега само се замислете за миг... истински интерактивни банери в интернет, такива в който можеш да се разхождаш; 3D модели на сгради, който всеки може да разгледа без да се налага да се инсталират сложни програми (пример); Множество игри, стартиращи се директно в браузъра ви.... Alternativa 3D може да постигне всичко това, и туко виж братушките наистина променят представата ни за "браузване".

Аз лично им желая успех и с интерес започвам да следя проекта им!

Sebetulnya bukan virus, tetapi hanya rentan terhadap serangan dari luar. Pada Windows XP Service Pack 3 (SP3), Microsoft rupanya masih membundel dengan Adobe Flash Player versi 9.0.115.0 yang dirilis pada Desember 2007, yang didapati sangat rentan terhadap serangan virus.

Adobe mengkonfirmasi bahwa versi 9.0.115.0, yang termasuk satu paket dalam XP SP3, mudah diserang virus. Ini terungkap pertama kali melalui server asal Cina. Mereka terserang virus saat mengakses situs web yang diretas memakai injeksi SQL.

Awalnya, peneliti keamanan komputer, termasuk dari Symantec Corp., menganggap bahwa versi terbaru Flash itu juga rentan terhadap virus. Belakangan mereka meralat pernyataan tersebut dan mengatakan hanya versi lama yang berisiko.

Jadi, ada baiknya jika mengupdate flash player anda sekarang melalui situs Adobe atau klik link berikut Download Flash Player seperti yg sudah saya lakukan beberapa saat yg lalu.

Wheew ... :|

Quizas ya tienes tu nuevo Mandriva ONE 2008.1 Spring Edition reluciendo en tu ordenador y sacando chispas pero quieres instalar la nueva version de Adobe Flash Player la cual es la version 9.0.124.0. Aunque Mandriva 2008.1 ya trae  el Flash Player, yo te recomendaría instalar esta nueva version la cual trae muchas mejoras. Por ejemplo, en YouTube al seleccionar pantalla gigante la pelicula no vuelve a reiniciarse desde cero, sino sigue corriendo desde donde le habías indicado ponerse en pantalla gigante. Esto era una gran molestia. Pero instalarlo es muy facil. Los pasos son muy sencillos y los explico paso a paso:

1. Descarga Adobe Flash Player 9.0.124.0 AQUI (3MB). Selecciona Guardar en...

2. Click derecho sobre el icono del archivo y seleccionamos, Abrir con instalador de software.

3. Abrira una ventana y tendras que hacer click en "Instalar" luego pones tu Password.

Luego de hacer estos 3 sencillos pasos, tendras instalado la ultima version de Adobe Flash Player.

Salu2's... Si te gusta Agradece.

Severity: Medium

2 June, 2008

Update:

On Wednesday 28 May, we published an alert about attackers exploiting a zero day vulnerability in Adobe Flash Player. By enticing one of your users to a malicious Web site, an attacker can exploit this vulnerability to execute code on your user's computer, with your user's privileges. In the worst case scenario, the attacker could gain total control of the victim's PC.

In our May alert, we reported that this Flash Player vulnerability may not be as new as Symantec originally thought. According to Symantec's research, the flaw appeared similar to one Adobe has already patched. Nonetheless, Symantec claimed they had observed this new exploit affecting fully patched versions of Adobe Flash Player. So they labeled the threat a zero day vulnerability.

One day after our alert, Symantec updated their Threatcon information, recanting their original claim, and saying the exploit they found in the wild was not a zero day vulnerability. Adobe, the creator of Flash Player, has also confirmed that the exploit found in the wild leverages a vulnerability that was patched in Flash Player 9.0.124.0.

However, despite both Adobe and Symantec's position on this particular exploit, some researchers still worry that a zero day Flash exploit may exist in the wild. McAfee claims to have observed a Flash exploit with the filename, "WIN 9,0,124,0i.swf," which could suggest it targets the patched version of Flash. A day after reporting that, however, McAfee could no longer find that particularly named exploit in the wild.

So what does this mean to you? As it stands today, researchers have not found unarguable proof of a zero day Flash exploit in the wild. However, they have observed attackers exploiting a Flash Player vulnerability in the wild even though Adobe has released a patch for it. Our alert from 28 May says that Adobe's patch from April was not sufficient to protect you from attacks. Now all information we have says that if you deployed the Flash Player patch we described in our 9 April alert, these current attacks shouldn't affect you. Nonetheless, if you don't need Flash content in your network, you might still consider using your Firebox to block SWF files until this attack recedes. You can find directions on how to block SWF files in our original alert from April, which you can find in the Latest Broadcasts page of our website.

References:

• 28 May LiveSecurity alert

• 9 April LiveSecurity alert

• Symantec's Threatcon Advisory

28 May, 2008

Summary:

• These vulnerabilities affect: Adobe Flash Player 9.0.124.0 and earlier on Windows (potentially affects OS X, Unix, and Linux as well)
• How an attacker exploits them: By enticing one of your users into playing a maliciously crafted Flash (.SWF) file
• Impact: An attacker could execute code on the victim's computer, and take control of it
• What to do: Adobe hasn't released a patch yet; see the solution section below for workarounds

Exposure:

Adobe Flash Player displays interactive, animated web content called Flash, often formatted as a Shockwave (.SWF) file. Adobe's Flash Player ships by default with many web browsers, including Internet Explorer (IE). It also runs on many operating systems.

Late yesterday, Symantec, SANS Internet Storm Center Handler's Diary [ 1 / 2 / 3 ], and SecurityFocus all warned of a serious zero day Flash Player vulnerability which they have found attackers exploiting in the wild. As of this writing, researchers do not know the technical details about this new vulnerability; they do know, however, that if one of your users downloads and plays a specially crafted Shockwave Flash (.SWF) file, an attacker could exploit the unpatched flaw to execute code on that user's computer, with that user's privileges. Since most Windows administrators grant their users local administrative privileges, an attacker could potentially exploit these flaws to gain complete control of a victim's computer. The malicious .SWF file could be hosted on a web site, sent via an HTML e-mail, or delivered in other ways via applications that embed Flash.

According to the last update from SecurityFocus, attackers are exploiting this zero day vulnerability in great numbers. They warn that attackers have injected this malicious .SWF exploit into approximately 20,000 legitimate web sites, using web-based attack techniques like those we recently described in our recent Radio Free Security podcast.

On the other hand, this morning Symantec updated their Threatcon information claiming this Flash Player vulnerability may not be as new as they originally thought. Their latest technical analysis reveals that the flaw appears similar to one Adobe has already patched. Even with that, Symantec has still observed this new exploit affecting fully patched versions of Adobe Flash Player. So, either this is a true zero day variant of the original flaw, or Adobe's patch is not working as reliably as it should. Regardless, if you allow Adobe Flash Player in your network, you should remain concerned about this new exploit and follow the workarounds suggested below.

Solution Path:

Because researchers first found this vulnerability being exploited in the wild, Adobe has not had time to release a patch for Flash Player. Until they do, the following workarounds will mitigate the risk of this new exploit affecting your users:

• Internet Explorer (IE) users can set the killbit for Adobe's Flash Player. This prevents IE from playing any Flash content with the Adobe Flash Player. Bear in mind that this also prevents legitimate Flash content from playing. Refer to this Microsoft Knowledge Base article for more details on how to set a killbit. Flash Player's CLSID is BD96C556-65A3-11D0-983A-00C04FC29E36.
• Firefox users should install the NoScript extension. NoScript prevents web sites from running JavaScript, Java, Flash, or other executable web content by default. While NoScript does prevent legitimate web sites from executing scripts as well, you can easily add those trusted sites to your white list to allow them to run the content you need.
• Use a gateway device, like WatchGuard's Firebox products, to block .SWF files from entering your network. See below for more details.

For All WatchGuard Users:

Some of WatchGuard's Firebox models allow you to prevent your users from accessing Shockwave Flash files (.SWF) via the web (HTTP) or emails (SMTP, POP3). If you like, you can temporarily mitigate the risk of this vulnerability by blocking .SWF files using your Firebox's proxy services (video instructions below). Again, many web sites rely on Flash for interactive content, and blocking Flash prevents these sites from working properly. Note that many popular video streaming sites, such as YouTube and JibJab, deliver video using a Flash front end, so this technique may render many video web sites unusable. Nonetheless, with the severity of this zero day exploit, you may want to temporarily block all .SWF content until Adobe releases a patch.

If you choose to block Flash content, follow the links below for video instructions on using your Firebox proxy's content blocking features to block .SWF files by their file extensions:

• Firebox X Edge running 10.x
  • How do I block files with the FTP proxy? (Video, 2:30)
    Windows Media, 17.4MB   /    QuickTime, 11.8MB
  • How do I block files with the HTTP proxy? (Video, 2:52)
    Windows Media, 32MB   /    QuickTime, 28.6MB
  • How do I block files with the POP3 proxy? (Video, 2:35)
    Windows Media, 17.6MB   /    QuickTime, 16.5MB
  • How do I block files with the SMTP proxy? (Video, 2:18)
    Windows Media, 12.2MB   /    QuickTime, 9.1MB
  •  
• Firebox X Core and X Peak running Fireware 10.x
  • How do I block files with the FTP proxy? (Video, 2:30)
    Windows Media, 25.2MB   /    QuickTime, 9.1MB
  • How do I block files with the HTTP proxy? (Video, 2:52)
    Windows Media, 38.2MB   /    QuickTime, 10.7MB
  • How do I block files with the POP3 proxy? (Video, 2:35)
    Windows Media, 23.2MB   /    QuickTime, 10.1MB
  • How do I block files with the SMTP proxy? (Video, 2:18)
    Windows Media, 25.6MB   /    QuickTime, 9.0MB

Status:

Adobe has not had time to release a patch yet. Apply the workarounds described above.

References:

• SANS Internet Storm Center Handler's Diary Entries:
  • Zero Day SWF Entry 1
  • Zero Day SWF Entry 2
  • Zero Day SWF Entry 3
• Symantec's SecurityFocus Advisory

Symantec's Threatcon Advisory

A vulnerabilidade foi relatada em Adobe Flash Player, que pode ser explorado por pessoas maliciosas para comprometer um sistema do usuário.

A vulnerabilidade é causada devido a um erro não especificado. Nenhuma outra informação está disponível no momento.

NOTA: Consta que, esta está actualmente a ser activamente explorada.

A vulnerabilidade é relatado na versão 9.0.124.0. Outras versões também podem ser afetados.

Solução:
Não procure não confiável sites ou seguir links não confiável.

Original Consultivo:
Adobe:
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html

ISC:
http://isc.sans.org/diary.html?storyid=4465

Outras Referências:
US-CERT VU # 395473:
http://www.kb.cert.org/vuls/id/395473

Flash Player 9

See the current Flash Player system requirements for detailed information on supported operating systems, browsers, and languages.

Shockwave Player 11

For information on the differences between the Full and Slim installers, view this TechNote.

See the Shockwave Player system requirements for detailed information on supported operating systems and browsers.

QuickTimeYouTube

Drag that link to your bookmarks bar. That would make the QuickTime Player plug-in as your YouTube player -- this would make your YouTube streaming a little faster. AND it makes the video better (read: better quality). :)

YouTube as mp4

Drag this at you bookmarks bar. This one does not switch your YouTube Player to another plugin but it provides you a link for you to download it a .mp4  Period. :) Right Click on the link and select Save Target As. and select a location.

That's it! Those are the two bookmarklets that I read about! I've been enjoying the 'better' side of YouTube!! hehehe... :D Instead of accessing it through my browser's cache, I'm now downloading it as mp4 that makes it sweat-free. No Converting. No Flash Baggage!!

lien vers la nouvelle | vu sur scoopeo

blogasty blogmemes nuouz scoopeo technorati wikio my.yahoo quebecbuzz iphoneworld reddit blogometrie Diggons Applenews Myggo Ddurable

There are plenty of nifty new features covered in the labs link. More interesting for Linux users is that we have been addressing the graphical performance issues that manifesting starting in 9r115, the version where we had to rework the graphical system due to the new XEmbed support (trying to remember what that bought us... oh yeah: context menus consistent with the desktop). The key to performance? Move away from recommended APIs and use unrecommended ones (without resorting to deprecated APIs).

Anyway, I can certify that this version is notably faster. I have been testing the FP10 beta on my special profiling tool, a.k.a. Asus Eee PC. But I would still like to hear whether you experience measurable performance improvements as well.

اليوم تحدث (James Ward) عن العشرة الاخطاء عند بناء التطبيقات عن طريق برنامج Flex الشهير تحدث James Ward عن 10 اخطاء معينة يقع فيها الكثير من مستخدمي برنامج Flex وشرح معظمها وطرق الخلاص منها هنا ايضاً ستجد الحلول المثلى للتخلص من هذه الاخطاء القاتلة ..
 وقد اوضح ايضاً مدى حاجتك لتوفر برنامج Flash Player 9 وما فوق وتوفر برنامج Flex 2 او Flex 3 فبرنامج Flash Player 9 ومع اخر احصائيات لادوبي تستخدمة اكثر من 94% من حواسيب العالم ..  وشرح بانه سيتم اطلاق برنامج Adobe AIR  1.0 release   متاحة في بداية 2008 مع العلم انه الان قد تم اطلاق الاصدار Adobe AIR 1.0.1  

اطلع اكثر على الموضوع مع James Ward

تسليط الضوء على Adobe CS3 وعلى Flash Media Server 3 (TC) ونجاح بعض المواقع التي تستخدمة فالمعروف ان كثير من المواقع تخصصها عرض الفيديو على الإنترنت ومنها YouTube, BBC, Accelerade, HD, Viddler.com, Remix, Spike TV فكلها تقريبا تستخدم برنامج Flash Media Server برامج الجوال تستخدم هذا النظام  عندما تستخدم برنامج Flash Media Server قد تكون انت يوتيوب YouTube المقبل والافضل من يوتيوب YouTube ايضاً  دعنا لا ننسى ان حتى برنامج ريل بلاير RealPlayer يستخدم برنامج Adobe Media Player و FMS فالاحصائيات الاولية تشير إلى ان 80% من مواقع الفيديو على الإنترنت تستخدم برنامج Flash Video فعائدات الاستثمار من BBC iPlayer نمت إلى اكثر من  800% عن السابق بعد استخدام برنامج فلاش فيديو  Flash Video
تحرير الفيديو من قبل برنامج Adobe Premiere Pro CS3
تاثيرات بصرية منوعة من قبل بنرامج Adobe After Effects CS3
الصوت والتاثيرات وتحرير الصوتيات من قبل برنامج Adobe Southbooth CS3
فيمكنك الحصول على نسخة من البرنامج تجريبية ما عليك سوء زيارة موقع Adobe.com يمكنك ايضاً ألحصول برنامج فلاش فيديو Flash video وبرنامج فلاش المساعد Flash. ومشغل الفلاش فلاش بلاير Flash Player فكل ما يلزمك هو جهاز كمبيوتر PC يحتوي على نظام تشغيل  Windows او Mac انطلق الان واعمل لنفسك تجربة مع هذا الاسطورة والبرنامج الخارق من شركة ادوبي

تحديات قوية من قبل مايكروسوفت ببرنامج Silverlight للجوال الذي فكرتها ان انزلت برنامج Microsoft’s Silverlight mobile ليصارع تحديات ادوبي الخانقة والخانقة جداً والتي تستخدم برنامج Adobe Flash Lite
مايكروسوفت Microsoft تعترف برنامج Silverlight لن تلحق بركب ادوبي فلاش لتر Flash Lite في المستقبل القريب, ولكنها تعترف بانها تجدها فرصه لإظهار بديل ادوبي فلاش Adobe Flash Lite وهو برنامج Silverlight
وقد علق Sravan Kundojjala المحلل الرائع على هذا الموضوع بقولة تشير التقديرات إلى انه هناك اكثر من 1.7 billion برنامج فلاش Flash Lite سيكون على الهواتف في العالم على مدى السنوات الثلاث المقبلة وحدها
Strategy Analytics estimates that over 1.7 billion Flash Lite-enabled phones will be shipped globally over the next three years alone.”
والجدير بالذكر ان مايكروسوفت اطلقت النسخة Microsoft Silverlight 1.0 SDK
واطلقات ايضاً Silverlight 1.0 for Mobile يعمل على الموبايل مباشرة لينافس برنامج Flash Lite الذي لا اضن انها ستنافسة مطلقاً
النسخة النهائية من Microsoft Silverlight وهي عبارة عن إضافة من إنتاج مايكروسوفت يتم تثبيتها في للمتصفح لتمكين عرض العناصر التفاعلية في صفحات الإنترنت والتي تحتوي على عروض مصورة أو فيديو أو سكربتات برمجية (تعتبر هذه الإضافة منافسة لمشغل الفلاش Flash Player المعروف)

Photoshop Express (Beta) اعلنت هذا الصباح الشركة العالمية ادوبي عن اطلاق نسخة من برنامج فوتوشوب اكسبرس ولكن باصدار بيتا BETA يحتوي على اضافات جميلة ورائعة ومنها ضبط الالوان وزن اللون الابيض ويبرز الصور ويعدل في الوان الصور واضافات جميلة اخرى اضافية للأدوات الموجودة سابقاً كما اوضحت اشركة انه يتوافق مع Photobucket, and Picasa كما يمكنك الان تبادل الصور, واضافات البومات جديدة واضافة تعليقات ايضاً جديدة فكل ما تحتاجه للتعامل مع البرنامج هو اتصال الانترنت وبرنامج ادوبي فلاش بلاير Adobe Flash player تمتع بالجديد من ادوبي ( اشترك الان sign up )

9 April, 2008

Summary:

• These vulnerabilities affect: Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier on Windows, OS X, Unix and Linux computers
• How an attacker exploits them: Multiple vectors of attack, including enticing one of your users into playing a maliciously crafted Flash (.SWF) file
• Impact: Numerous flaws, various results; in the worst case, an attacker could execute code on the victim's computer, and take control
• What to do: Deploy Flash Player 9.0.124.0 as soon as possible

Exposure:

Adobe Flash Player displays interactive, animated Web content called Flash, often formatted as a Shockwave (.SWF) file. Adobe's Flash player ships by default with many Web browsers, including Internet Explorer (IE). It also runs on many operating systems.

In an alert published late yesterday, Adobe warns of several security vulnerabilities in all versions of Flash Player dating backwards from version 9.0.115.0. Many of the vulnerabilities are critical.

Adobe doesn't describe the flaws in much detail. The worst vulnerabilities are described simply as "input validation errors." Input validation is a fancy term for a simple concept: Any script or program that accepts input (whether directly from users, or from another program) should check that the input makes sense and is of the type expected. Examples of typical input validation flaws include failure to cut off the input after receiving the expected number of characters, or failure to reject meta-characters that have a special meaning to the program accepting the input.

To exploit Flash Player's input validation flaws, an attacker would create a malicious Shockwave Flash (.SWF) file and entice one of your users into downloading and playing it. The file could be hosted on a Web site, or sent via an HTML e-mail, or delivered in other ways via applications that embed Flash. If your user plays the file, Flash's lack of input validation enables the attacker to execute code on that user's computer, with that user's privileges. Since most Windows administrators grant their users local administrative privileges, an attacker could potentually exploit these flaws to gain complete control of a victim's computer.

If you followed CanSecWest 2008's Pwn2Own contest, you probably heard that a laptop running a fully patched version of Windows Vista was hacked via a zero day Adobe Flash Player vulnerability. Today's Flash Player update fixes that vulnerability. The Flash Player update also fixes other, less severe vulnerabilities which attackers could exploit in Cross-Site Scripting (XSS) and DNS rebinding attacks.

Solution Path:

Adobe has released new versions of Flash Player to correct these vulnerabilities. We recommend that you download and deploy Adobe's latest Flash Player throughout your network as soon as possible, regardless of the operating system you run it on. Adobe's web page automatically senses which platform you are using, and proposes a download of the appropriate Flash version.

Note: If you open the download link using Internet Explorer, you'll see a page which, by default, will send you both the Flash update and Yahoo! Toolbar. We recommend that you disable the option of receiving Yahoo! Toolbar, which is not needed for fixing the Flash vulnerability.

Adobe's Flash Player also ships with other Adobe (and formerly, Macromedia) products. For a complete list of the affected products, and links to get the latest update for each product, see the table at the bottom of the Details section of their alert.

For All WatchGuard Users:

Some of WatchGuard's Firebox models allow you to prevent your users from accessing Shockwave Flash files (.SWF) via the web (HTTP) or emails (SMTP, POP3). If you like, you can temporarily mitigate the risk of this vulnerability by blocking .SWF files using your Firebox's proxy services (instructions below). However, many web sites rely on Flash for interactive content, and blocking Flash prevents these sites from working properly. Note that many popular video streaming sites, such as YouTube and JibJab, deliver video using a Flash front end, so this technique will render many video web sites unusable. The best way to protect your network from this flaw is to deploy Adobe's updated Flash Player.

For Firebox X Edge Users Running Version 8.5:

If you would like to block HTTP requests for Shockwave Flash files, you can learn how in the 12-minute video tutorial entitled "Outgoing Proxies" (you'll find it, and several other Firebox X Edge videos, located at the bottom of the tutorials page). With the HTTP proxy setting "Allow only safe content types" enabled, highlight the MIME type "application/x-shockwave-flash," and click the Remove button.

To prevent attackers from sending a malicious SWF file as an attachment to email: In the POP3 proxy settings, go to "Deny Unsafe Filename Patterns" and use the Add button to enter *.SWF. These techniques will block all Flash files from arriving via web or email. (Firebox SOHO and earlier Edge devices do not have proxies, so this step does not apply to them. Those users should install Adobe's Flash Player update.)

For Firebox III, X Core, and X Peak Users:

If the practice fits your business environment, you can use the HTTP and SMTP proxies to block .SWF files (note that this method blocks both malicious and legitimate files). Follow the links below for instructions for your specific WatchGuard device:

• Firebox III and X Core running WFS
  • SMTP Proxy
  • HTTP Proxy
  • Online Training Proxy Module

• Firebox X Core and X Peak running Fireware Pro
  • SMTP Proxy
  • HTTP Proxy

Status:

Adobe released Flash Player version 9.0.124.0, which corrects these issues.

References:

• Adobe's Flash Player Alert
• Written by Adobe for developers: "Understanding Flash Player 9 April 2008 Security Update compatibility"

Update tersebut ditujukan untuk software Flash player, sementara file SWF yang merupakan format standar untuk flash tidak mengalami masalah. Adobe juga tidak merinci jumlah pengguna komputer yang telah terkena serangan malware akibat adanya cacat keamanan pada aplikasi Flash player

Hace tiempo que existía para Windows y Mac, pero la versión Linux tuvo que esperar varios meses. Hasta aquí todo relativamente normal, pero durante todo el día de ayer no paré de ver gente comentando la noticia en twitter y lanzándose a probar una tecnología que hay que recordar es alpha. Esto debería hacer cambiar de opinión a toda esa gente que piensa que Linux no es válido para desktop, unos con opiniones muy fundamentadas y otros simplemente porque son incapaces de ver más allá de su propio ego.

Bueno mientras os lo instaláis en vuestras distros, yo seguiré con mi descubrimiento del día, twhirl :D .