April 28 Adobe Systems Inc released an
update on Monday to its widely used Flash Player software to fix
a bug that cybersecurity company Kaspersky Lab said had been
exploited to attack visitors to a Syrian government website.
Adobe said in an advisory posted on its security website
that the vulnerability could allow attackers to gain control of
affected computer systems. It released updates to fix the bug
for systems running on Microsoft Corp's Windows, Apple
Inc's Mac and Linux operating systems.
Moscow-based Kaspersky Lab said on its blog that it learned
in mid-April that a Syrian Justice Ministry website, jpic.gov.sy,
that serves as an online forum for citizen complaints had been
compromised. No attacks on other websites have been reported as
a result of the Flash bug.
"We believe the attack was designed to target Syrian
dissidents complaining about the government," Kaspersky Lab
researcher Vyacheslav Zakorzhevsky said in the blog post. (Blog:
Kaspersky described the attack as a "watering-hole"
campaign. In such attacks, hackers infect websites frequented by
individuals whose computers they are looking to compromise. When
they visit the tainted site, their systems become infected.
(Reporting by Jim Finkle in Boston; Editing by Richard
Valdmanis and Lisa Shumaker)