|mogs||Flash flaw potentially makes every webcam or laptop a PEEPHOLE|
|18th Jun, 2013 21:15|
User Since: 22nd Apr, 2009
System Score: 100%
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
By John Leyden, 18th June 2013
A security flaw thought to have been fixed by Adobe in October 2011 has reappeared thanks to a new vulnerability involving Flash Player browser plug-ins.
The as yet unpatched vulnerability creates a means to seize control of webcams without permission before siphoning off video and audio from victims' PCs. The clickjack-style flaw was uncovered by security consultant Egor Homakov, who developed a harmless proof-of-concept exploit to underline his concerns and push for an early fix.
"This works precisely like regular clickjacking - you click on a transparent flash object, it allows access to Camera/Audio channel. Voila, attacker sees and hears you," Homakov explains in a blog post.
Adobe security team spokeswoman Heather Edell confirmed there was an issue but said it was limited to Flash Player for Google Chrome.
More to read at :-
|MehulBhai||RE: Flash flaw potentially makes every webcam or laptop a PEEPHOLE|
|19th Jun, 2013 09:04|
User Since: 17th Jul 2011
System Score: N/A
|I donot use chrome but it seems they have released an update.
See this http://community.norton.com/t5/Tech-Outpost/Flash-...
|JonAlfred||RE: Flash flaw potentially makes every webcam or laptop a PEEPHOLE|
|19th Jun, 2013 09:51|
User Since: 17th Jun 2013
System Score: N/A
|Has just been addressed by Secunia. Vendor patch: Update to version 27.0.1453.116.
Click About Google Chrome.
Secunia Advisory SA53867
Google Chrome Flash Plugin Clickjacking Vulnerability
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.