VLC MEDIA PLAYER
Due to a vulnerability in the handling of playlists, attackers can inject malicious code onto a computer. Playlists in XSPF format are affected.
SOLUTION: The manufacturer has made available the updated version 1.1.10, in which this error is corrected. The link is available on VLC's website.
ADOBE FLASH
Hackers are actively exploiting a security hole in Flash player that allows them to read data from Web pages which a user has logged on to, such as email accounts.
SOLUTION: Adobe has closed the unforeseen cross-site scripting hole, and is offering an update to Flash player 10.3.181.22 for download.
FACEBOOK
An Android app named FaceNiff allows attackers to penetrate others' Facebook accounts if they are active on the same Wi-Fi network.
SOLUTION: In order to protect themselves against such an attack, users should consider always using the SSL option when accessing Facebook via public networks. The change can be made in the settings menu of Facebook.
INTERNET EXPLORER
Researchers found an IE bug that let them read cookies from remote PCs. They can thus log in to some protected sites without a password. The victim is sent a puzzle game in which he has to drag and drop objects, which actually secretly enables the exploit.
SOLUTION: Microsoft has already fixed this hole thanks to the researchers.
No comments:
Post a Comment