Support our Sponsors


Uclip Clipping Path Service

UAE Lists Jobs in Dubai


Main Menu

Home
News
Blog
Links
Search

Resources

Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions

Related Items

powered_by.png, 1 kB

Popular


Home arrow News arrow Latest arrow Vulnerabilities in Flash Applets Still Impairing Website Security
Vulnerabilities in Flash Applets Still Impairing Website Security PDF Print E-mail
Written by Spam News Admin   
Friday, 04 April 2008

Google Security Researchers at the CanSecWest conference in Vancouver, said that too many sites, a number of which are used for economic, banking and other types of sensitive transactions, continue to be vulnerable to malware attacks. These threats typically lead to theft of customers' personal data.


Google Security Researchers at the CanSecWest conference in Vancouver, said that too many sites, a number of which are used for economic, banking and other types of sensitive transactions, continue to be vulnerable to malware attacks. These threats typically lead to theft of customers' personal data.

Rich Cannings, Information Security Engineer, Google, appealed that security experts perform a security audit of all Flash applets maintain on their Websites and change those that are flawed, as reported by ChannelRegister on March 27, 2008.

Software vendors like Adobe and others have patched their development applications so they wouldn't create any more vulnerable Flash documents. However, it's not certain that all these different applets have been made free of vulnerabilities. For there is over 10,000 Websites that host the parasitic content, according to Cannings.

Even, Google still hasn't completed its audit of the omnipresent Shockwave Flash (SWF) it serves. However, engineers have lessened the threat by hosting Web pages on IP addresses Balkanized from Gmail.com, Google.com and its remaining domains.

One reason for the problem in auditing the omnipresent SWF is that it is third-party content developers who created several of the applets. So, when Webmasters ask them for the upgraded files, they often fail to produce the earlier content. This means that the vulnerabilities can be removed only by reproducing the content causing the Website to bear considerable costs.

Meanwhile, the security flaws exist in SWF files are the creation of programs that generate Flash applets, which give life to sites on the Web. Content vulnerable to attacks opens Websites to XSS (Cross-site Scripting) exploits that let attackers to insert malicious code into the sites' pages that end-users visit. So, criminals performing the attack could steal the account details of a user or withdraw funds in his/her name.

In December 2007, Google searches showed over 500,000 applets with bugs but the security researchers some of who were also from iSEC Partners, the penetration testing company, said that the exact number could be much higher. So, Google twisted its search engine to limit the results for the same requests between 80,000 and 90,000 hits.


Posted originally: 04/04/2008

Read Full Article



Reddit!Del.icio.us!Facebook!Slashdot!Netscape!Technorati!StumbleUpon!Newsvine!Furl!Yahoo!Ma.gnolia!Free social bookmarking plugins and extensions for Joomla! websites!
Last Updated ( Wednesday, 21 May 2008 )
 
< Prev   Next >
[ Back ]

Newsflash

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us

 

 

 
 
© 2009 spam NEWS - updated Daily
Joomla! is Free Software released under the GNU/GPL License.