Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Flash flaw puts most sites, users at risk........


13 Nov 2009   #1

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 
Flash flaw puts most sites, users at risk........

Quote:
Flash flaw puts most sites, users at risk, say researchers

'Frighteningly bad thing,' said Foreground Security, of flaw allowing hackers to hijack sites, attack users

By Gregg Keizer
November 12, 2009 04:17 PM ET

Computerworld - Hackers can exploit a flaw in Adobe's Flash to compromise nearly every Web site that allows users to upload content, including Google's Gmail, then launch silent attacks on visitors to those sites, security researchers said today.

Adobe did not dispute the researchers' claims, but said that Web designers and administrators have a responsibility to craft their applications and sites to prevent such attacks.

"The magnitude of this is huge," said Mike Murray, the chief information security officer at Orlando, Fla.-based Foreground Security. "Any site that allows user-uploadable content is vulnerable, and most are not configured to prevent this."

The problem lies in the Flash ActionScript same-origin policy, which is designed to limit a Flash object's access to other content only from the domain it originated from, added Mike Bailey, a senior security researcher at Foreground. Unfortunately, said Bailey, if an attacker can deposit a malicious Flash object on a Web site -- through its user-generated content capabilities, which typically allow people to upload files to the site or service -- they can execute malicious scripts in the context of that domain.

"This is a frighteningly bad thing," Bailey said. "How many Web sites allow users to upload files of some sort? How many of those sites serve files back to users from the same domain as the rest of the application? Nearly every one of them is vulnerable."
More at: Flash flaw puts most sites, users at risk, say researchers

My System SpecsSystem Spec
.

13 Nov 2009   #2

Windows 7 Home Premium x64 - Mac OS X 10.6.4 x64
 
 

Uh oh...in typical Adobe fashion...they are too lazy to fix their own product...

Maybe by the time we get flash for x64 the issue will be fixed
My System SpecsSystem Spec
13 Nov 2009   #3

Windows 7 Home Premium 64-Bit
 
 

Quote   Quote: Originally Posted by Zidane24 View Post
Maybe by the time we get flash for x64 the issue will be fixed
Been waiting for x64 Flash for ages It's like waiting for Duke Nukem Forever.
My System SpecsSystem Spec
.


14 Nov 2009   #4

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

Quote   Quote: Originally Posted by AntiSilence View Post
Quote   Quote: Originally Posted by Zidane24 View Post
Maybe by the time we get flash for x64 the issue will be fixed
Been waiting for x64 Flash for ages It's like waiting for Duke Nukem Forever.
You too? Waiting "forever" for DN: Forever!

You never know however since they recently came out with a sequel for another oldie Return to CastleWolfenstein.

The Adobe problem however is serious for IE users namely since looking at a pdf file while online like those for specifications on something will entail the Adobe reader there unless you can download it to a folder to use another reader like Sumatra.
My System SpecsSystem Spec
14 Nov 2009   #5

Windows 7 32bit RTM
 
 

you might as well wait for silver light to be popular lol...
My System SpecsSystem Spec
Reply

 Flash flaw puts most sites, users at risk........




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:53 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33