![]() ![]() We'll be happy to update the thread as we have new information about the availability of a fix, etc. We're now looking to see if we can be a little more surgical and allow this content to run normally again, now that we've made it through the immediate priority of addressing the vulnerability being abused in the wild. ![]() It's not immediately clear why it happens to be this particular SWF, but it's old, and there's the possibility that a compiler bug or third-party toolchain created some invalid bytecode that wouldn't normally exist in an equivalent SWF compiled from a newer toolchain. ![]() We're now aborting immediately at the validation failure to ensure that we're addressing the entire set of possible related issues. This has always been the case, but weren't treating the validation failure as fatal, and would apply some more nuanced heuristics. For some reason, the SWF that VMWare uses is failing those validation checks. We're aware of the issue and are investigating to see if we can provide some relief.įor background, to address the security issue discovered in the wild that prompted this release, we more tightly enforce rules in the initial validation of the SWF bytecode. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |