Symantec retracts claim that attack exploit is “zero day”
Severity: Medium
2 June, 2008
Update:
On Wednesday 28 May, we published an alert about attackers exploiting a zero day vulnerability in Adobe Flash Player. By enticing one of your users to a malicious Web site, an attacker can exploit this vulnerability to execute code on your user’s computer, with your user’s privileges. In the worst case scenario, the attacker could gain total control of the victim’s PC.
In our May alert, we reported that this Flash Player vulnerability may not be as new as Symantec originally thought. According to Symantec’s research, the flaw appeared similar to one Adobe has already patched. Nonetheless, Symantec claimed they had observed this new exploit affecting fully patched versions of Adobe Flash Player. So they labeled the threat a zero day vulnerability.