NEW YORK, USA: Visitors to user-generated content sites at risk due to a lax security policy in Adobe Flash say researchers who has found a technique exploiting the way browsers handle Flash files.
According to a CNET news report, the problem stems from the origin policy of Adobe Flash, Mike Bailey, a senior security researcher at Foreground Security, said in an interview on Wednesday. "Adobe should change the way Flash Player handles the security policy so it doesn't allow arbitrary content to access the application without permission."
By default, Flash Player trusts anything, but it should only trust what is allowed," he said, providing more technical discussion in a blog post.
No comments:
Post a Comment