Date: Thu, 04 Jan 2001 05:52:44 +0100

A serious security problem in Macromedia's Shockwave Flash plugin for all
platforms and browsers has been published on BugTraq. Exploited, it allows
an attacker to run arbitary code on your machine.

This means that an attacker would have the same rights on your computer
that you have, i.e. data reachable from your machine could be read and
transfered or modifed or viruses and worms could be spread. All of this
works through firewalls, assuming you can see Flash animations on webpages.

This has been reported to Macromedia and CERT in July 2000 and at later
occasions. Nevertheless, the bug still exists in latest versions of Flash
plugins.

For more information, refer to the post on BugTraq
<http://www.dataguard.no/bugtraq/2001_1/0001.html>.

We strongly suggest to remove Flash and Shockwave plugins. You can do that
by moving or deleting all files, that contain "flash", "shockwave", "sw"
or similar in their filename, out of your plugins directory. The plugins
directory is a subdirectory of the Beonex Communicator installation
target directory, e.g. c:\Programs\Beonex\Plugins.

Beonex Communicator does not come with Flash plugins, but might have
imported those of Netscape Communicator 4.x or you might have installed one
yourself.

Update: Bug turned out to be harmless.