A security researcher has identified more than 8 million Adobe Flash files that make the websites hosting them vulnerable to attacks that target visitors with malicious code. The Flash files are contained on a wide variety of sites operated by online casinos, news organizations, banks, and professional sports teams. They make …
NoScript in Firefox caught this one:
"NoScript filtered a potential Cross-site scripting (XSS) attempt from [http://www.theregister.co.uk]..."
My beloved Opera remains vulnerable to XSS
This looks like another job...
Who still sees Flash-anything?
More to the point, WHY? Has anything useful ever been done with Flash?
Not saying it /should/ but it does and millions of Britons use it.
>> More to the point, WHY? Has anything useful ever been done with Flash?
Oracle & Flash
Oracle just built their entire support website on Flash. It stinks.
Noscript and flashblock
Once again to the rescue.
It's really getting quite tiresome because I prefer Chrome as a browser but I'm too paranoid to surf around without scripts and flash blocked. :oP
Hoping for Chrome analogues to the mentioned extensions at some point.
...presumably, both blocks the Flash in the first place, but, even if you've enabled the site, will also block the XSS? In fact, for the in-law's, I've installed NoScript in Allow Global Scripts mode, as it will still offer XSS protection (and ClickJacking protection), like in this case, without them having to understand how to use it's blocking features.
Looks like another job
for flashblock. Or just the general if its Adobe its really a pointless security risk...
Its not really the security issues around Adobe products its the complete and utter waste of bandwidth and CPU and peoples time that it encourages.
malicious flash files
> A security researcher has identified more than 8 million Adobe Flash files that make the websites hosting them vulnerable to attacks that target visitors with malicious code ..
Why don't they make the underlying platform secure so as to render data files safe enough to be viewed on them ?
Opera block the XSS?? Look at the forum more...
Opera has always blocked some cross-site scripting, but you need to know what you are talking about... lots of details in above link...
No doubt, YET AGAIN, we're going to get lots of nerds posting how they aren't affected because they use ad-block/no flash/ no script or WHATEVER.
Guess what? No-one CARES - you may as well just post "first post" as your response - it's just as retarded.
Yes, I use many of these tools, but for some reason I don't feel the need to post about that fact everytime something like this comes up... probably because I'm happy with the size of my penis.
Opera was my browser until last dec 30th.You guessed it, an XSS hole on account of adobe flash.
I wish opera would make a secure browser.I would give anything other than slow ff.
- IT bloke publishes comprehensive maps of CALL CENTRE menu HELL
- Analysis Who is the mystery sixth member of LulzSec?
- Comment Congress: It's not the Glass that's scary - It's the GOOGLE
- Analysis Hey, Teflon Ballmer. Look, isn't it time? You know, time to quit?
- Murdoch Facebook gloat: You're like my $580m, 'CRAPPY' MySpace