VLS MEDIA PLAYER
Due to vulnerability in the handling of playlists, attackers can inject
malicious code onto a computer. Playlists in XSPF format are affected.
SOLUTION: The manufacturer has
made available the updated version 1.1.10, in which the error is corrected. The
link is available on VLS’s website.
ADOBE FLASH
Hackers are actively exploiting a security hole in Flash player that
allows them to read data from Web pages which a user logged on to, such as
email accounts.
SOLUTION: Adobe has closed the
unforeseen cross-site scripting hole, and is offering an update to Flash
10.3.181.22 for download.
FACEBOOK
An android app named FaceNiff allows attackers to penetrate others’
Facebook accounts if they active on the same Wi-Fi network.
SOLUTION: In order to protect themselves
against such an attack, users should consider always using the SSL option when
accessing Facebook via public networks. The change can be made in the settings
menu of Facebook.
INTERNET EXPLORER
Researchers found an IE bug that let them read cookies from remote PC’s.
They can thus log in to some protected sites without a password. The victim is sent
a puzzle game in which he has to drag and drop objects, which actually secretly
enables the exploit.
SOLUTION: Microsoft has already
fixed this hole thanks to researchers.
0 comments:
Post a Comment