Flash 11.6 to block automatic play of content in docs created with Office 2007 and older
Adobe last week announced it would add a new security feature to Flash Player in an attempt to block some of the exploits hackers are hiding inside older Microsoft Office documents.
The new feature -- a pop-up warning -- will be triggered when Flash Player detects Flash content inside documents created with Office 2007 and earlier versions.
"Since...November 2010, the most common Flash Player zero-day attack vector has been malicious Flash content embedded in Microsoft Office documents and delivered via email," said Peleus Uhley.
Uhley also noted that the latest round of zero-day vulnerabilities in Flash -- ones criminals are already using by the time bugs are patched -- were being exploited with that tactic.
To make Office document-based attacks more difficult, documents generated with Office 2007, 2003 and XP -- Microsoft dropped the latter from its support list in mid-2011 -- will no longer auto-execute Flash content. Instead, when documents created with those suites are opened, Flash will display a dialog recommending the user not let the content play.
Users can select a second option and play the Flash content if they're certain the document came from a trusted source.
Flash won't bother showing the pop-up for documents generated with newer versions of Office, including Office 2010 and the just-released Office 2013, because those suites sport a sandbox that prevents automatic play of Flash content.
Microsoft calls its Office sandbox "Protected View," a feature introduced in Office 2010 and continued in Office 2013. In both suites, Word, Excel, and PowerPoint files are opened in a sandboxed, or isolated, instance of the application when the file was downloaded from the Internet or opened as an Outlook email attachment.
Microsoft did not back-port the Protected View sandbox to older editions of Office.
Source: http://www.computerworld.com/s/article/9236668/Adobe_will_try_to_stymie_some_Flash_attacks_with_new_pop_up