Up to 250,000 web pages could have been infected with an Adobe Flash player exploit which could spread like wildfire over the forthcoming weekend.
The attacks seems to originate from mainland China and rely on a bug discovered by Mark Dowd from IBM's Internet Security Systems (ISS), a few weeks ago, which can allow a hacker to introduce malware in the target computer through a SWF file known as Downloader.Swif.C.
Security firm Symantec originally purported that the vulnerability was "very similar" to another one found in April but it has been confirmed that the weakness was already known and patched by Adobe, although the Linux version of Adobe's Flash player (v184.108.40.206) is still unprotected.
Symantec has lowered its TreatCon, which is a security barometer, to Level one
Windows users are urged to check which version of Flash they are running (go to About Flash) and upgrade to the latest version which can be found on Adobe's website; version earlier than 220.127.116.11 are vulnerable to the attack.
Symantec recommends disabling Flash until patches are available as well as avoiding dodgy websites.