Urgent Vulnerability: Adobe Flash

F-Secure Security Center has disclosed an Adobe Flash Player remote code execution vulnerability.

Report ID: SA200900917
Source: F-Secure
Date of Discovery: 25.02.2009
Criticality: Urgent
Affects: Adobe Flash Player 10.x, Adobe Flash Player 9.x
Compromise From: From remote
Compromise Type: System access, remote code execution

An upgrade to 10.0.22.87 (10.0r22) is the solution.

It is also a good idea to check the program directory (C:\WINDOWS\system32\Macromed\Flash) and remove all prior versions of Flash.
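
One way to carry out the directory check above, as an added example that is not part of the original advisory. The script only reports which binaries are older than the fixed release and deletes nothing; the function name Get-FlashBinaryVersion and the file-extension filter are assumptions, while the path and version number come from the text.

```powershell
# Added example: inventory the Flash Player directory and flag binaries
# older than the fixed release named in the advisory. Read-only.
$FixedVersion = [version]'10.0.22.87'                      # from the advisory
$FlashDir     = 'C:\WINDOWS\system32\Macromed\Flash'       # from the advisory

# Hypothetical helper name; the extension filter is an assumption.
function Get-FlashBinaryVersion {
    param(
        [string]$Path,
        [version]$Minimum
    )

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Directory not found: $Path"
        return
    }

    Get-ChildItem -LiteralPath $Path |
        Where-Object { -not $_.PSIsContainer -and $_.Extension -match '^\.(ocx|dll|exe)$' } |
        ForEach-Object {
            $vi = $_.VersionInfo

            # Build the version from its numeric parts: the FileVersion string
            # may be comma-separated ("10,0,22,87") and would not parse as-is.
            $ver = New-Object System.Version(
                $vi.FileMajorPart, $vi.FileMinorPart,
                $vi.FileBuildPart, $vi.FilePrivatePart)

            # A file without a version resource is reported as unknown
            # ($null) instead of being treated as version 0.0.0.0.
            $outdated = $(if ($vi.FileVersion) { $ver -lt $Minimum } else { $null })

            New-Object PSObject -Property @{
                Name     = $_.Name
                Version  = $ver
                Outdated = $outdated
            }
        }
}

Get-FlashBinaryVersion -Path $FlashDir -Minimum $FixedVersion |
    Sort-Object Version |
    Format-Table Name, Version, Outdated -AutoSize
```

Any row with Outdated set to True is a leftover from a release before 10.0.22.87 and is a candidate for removal once the upgrade is installed.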

Eli Lilly fraud case settled

The US Department of Justice has settled with Eli Lilly for more than $1.4 billion over illegal “off-label” marketing practices for an antipsychotic drug.

Facing tens of thousands of claims and over a hundred lawsuits that involved Medicaid fraud investigations in more than 30 states, Lilly now has to pay civil penalties of $800 million, plead guilty to criminal charges, and pay an additional $600 million in fines.

“Eli Lilly completely ignored the law” and made “hundreds of millions of dollars” from its illegal promotion of Zyprexa, [U.S. Attorney Laurie] Magid said at a press conference in Philadelphia today. “We’re holding a company responsible for putting thousands and thousands of patients at risk.”

Lilly had advertised, without clearance from regulators, that five milligrams at 5 pm would help dementia patients fall asleep. The drug represented almost a quarter of company revenues with $4.76 billion in sales for 2007 alone.

Six former sales representatives responsible for blowing the whistle under the federal False Claims Act are to receive $78.8 million in the civil settlement and a share from settlements in states that have whistleblower laws. The company now also must operate under federal monitoring for five years.