Leave a comment

Top Story: This Adobe security hole doesn't have an easy fix - here's what to do

Top Story: This Adobe security hole doesn't have an easy fix - here's what to do

Earlier this month we told you about an emergency patch Adobe released for Flash. This was to fix a serious problem that could have let hackers take over your system.

Now, we're learning there's a new problem in a component of Adobe Analytics called AppMeasurement for Flash Library. Developers can add this component to their projects to track how many people are viewing videos. Unfortunately, if a certain feature of AppMeasurement is turned on, it opens up users to a serious threat.

Using the flaw, a hacker can steal a user's session cookie. The site will think the hacker is the user and the hacker can do anything they want with the site and user account. On a site that contains your credit card information or other sensitive information, that's a serious problem.

Unfortunately, you can't patch this flaw by updating the software directly. It has to be fixed by website developers.

Fortunately, Adobe has already released a fix and developers are rebuilding the affected Analytics sites. The security researcher who discovered the flaw, Randy Westergren Jr., says he expects most sites to have this patched by the beginning of May.

In the meantime, it's a good idea to only run the software when it's absolutely needed. Learn how to take control of your browser for better security.

Next Story
Source: Threat Post
Malware alert: Trojan spreading through popular word processing programs
Previous Happening Now

Malware alert: Trojan spreading through popular word processing programs

Google beefs up security for Android OS but only 4% of users can get it
Next Happening Now

Google beefs up security for Android OS but only 4% of users can get it

View Comments ()