back to article Serious web vuln found in 8 million Flash files

A security researcher has identified more than 8 million Adobe Flash files that make the websites hosting them vulnerable to attacks that target visitors with malicious code. The Flash files are contained on a wide variety of sites operated by online casinos, news organizations, banks, and professional sports teams. They make …

COMMENTS

This topic is closed for new posts.
Thumb Up

Sweet...

NoScript in Firefox caught this one:

"NoScript filtered a potential Cross-site scripting (XSS) attempt from [http://www.theregister.co.uk]..."

2
1
Unhappy

Opera

My beloved Opera remains vulnerable to XSS

0
0

This looks like another job...

for NoScript!

0
1
Silver badge

::shrugs::

Who still sees Flash-anything?

More to the point, WHY? Has anything useful ever been done with Flash?

0
2
Silver badge
Alert

Just saying

BBC iPlayer.

Not saying it /should/ but it does and millions of Britons use it.

0
0
Thumb Up

@jake

>> More to the point, WHY? Has anything useful ever been done with Flash?

http://www.badgerbadgerbadger.com/

0
0
EJ
Thumb Down

Oracle & Flash

Oracle just built their entire support website on Flash. It stinks.

0
1
Badgers

Noscript and flashblock

Once again to the rescue.

It's really getting quite tiresome because I prefer Chrome as a browser but I'm too paranoid to surf around without scripts and flash blocked. :oP

Hoping for Chrome analogues to the mentioned extensions at some point.

0
0

NoScript...

...presumably, both blocks the Flash in the first place, but, even if you've enabled the site, will also block the XSS? In fact, for the in-law's, I've installed NoScript in Allow Global Scripts mode, as it will still offer XSS protection (and ClickJacking protection), like in this case, without them having to understand how to use it's blocking features.

1
0
Silver badge

Looks like another job

for flashblock. Or just the general if its Adobe its really a pointless security risk...

Its not really the security issues around Adobe products its the complete and utter waste of bandwidth and CPU and peoples time that it encourages.

0
0
Linux

malicious flash files

> A security researcher has identified more than 8 million Adobe Flash files that make the websites hosting them vulnerable to attacks that target visitors with malicious code ..

Why don't they make the underlying platform secure so as to render data files safe enough to be viewed on them ?

1
0

Opera block the XSS?? Look at the forum more...

http://my.opera.com/community/forums/search.dml?term=XSS?&tag=&username=&exactusername=Y&mode=forum&submit=+search+&datemodifier=newer&limitdate=any&sortby=rel&disp=thread

Opera has always blocked some cross-site scripting, but you need to know what you are talking about... lots of details in above link...

0
0
Silver badge
FAIL

Mr.

No doubt, YET AGAIN, we're going to get lots of nerds posting how they aren't affected because they use ad-block/no flash/ no script or WHATEVER.

Guess what? No-one CARES - you may as well just post "first post" as your response - it's just as retarded.

Yes, I use many of these tools, but for some reason I don't feel the need to post about that fact everytime something like this comes up... probably because I'm happy with the size of my penis.

2
0
Unhappy

serious web...

Opera was my browser until last dec 30th.You guessed it, an XSS hole on account of adobe flash.

I wish opera would make a secure browser.I would give anything other than slow ff.

0
0
This topic is closed for new posts.

Forums