Adobe Flash Player Vulnerability
As much I hate to recommend disabling such a powerful and useful component I have killed the version of Adobe Flash currently on my system. There are too many reports of infected sites to take any chances. Versions that appear to be affected include 184.108.40.206. and 220.127.116.11.
One of the new features of WinPatrol is the ability to disable ActiveX components that exhibit vulnerabilities. This feature is so important it’s included in the free and USB Flash version. If you have WinPatrol you can select Flash9(x).exe and click on Disable. You can always Enable again if you really need to but hopefully a new version of Flash will be released soon.
According to SecurityFocus…
Note: This is a drastic step. You will not be able to view most YouTube videos and will see a number of broken image boxes. The good news, you'll also miss some advertising as well.
“Continued investigation reveals that this issue is fairly widespread. Malicious code is being injected into other third-party domains (approximately 20,000 web pages), most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.“
Update: According to Adobe...
"We've just gotten confirmation from Symantec that all versions of Flash Player
18.104.22.168 are not vulnerable to these exploits. Again, we strongly encourage everyone to download and install
the latest Flash Player update, 22.214.171.124. "