Linux Today: Linux News On Internet Time.

More on LinuxToday

Flash Is at Risk, But It's Not All Adobe's Fault

Feb 01, 2010, 23:03 (0 Talkback[s])
(Other stories by Sean Michael Kerner)

"Adobe's Flash technology has been the target of security researchers for several years, though often it's the Flash Player that gets the bulk of the attention. Mike Bailey, a senior security analyst with Foreground Security, is now turning the focus to how common programming bugs can enable Flash objects to attack Web sites.

"Bailey is discussing his research in a talk titled, "Neat, New, and Ridiculous Flash Hacks" at the Black Hat D.C security conference ongoing this week. His talk follows a fix already made by Twitter earlier this month to protect against one of the attack vectors he's talking about. Bailey told InternetNews.com that his research is focused on how Flash can be leveraged against a Web site, a user, or a Web browser.

""This is different from the other Flash research that has already been done to attack the Flash Player and use it to comprise a user's computer," Bailey said. "Very little research has been done on how the Flash Player and application interacts with Web sites and the Web browser."

Complete Story

Related Stories: