Adobe Flash Player Clickjacking Vulnerability - gHacks Tech News

Adobe Flash Player Clickjacking Vulnerability

Dante send me a link to an interesting article that describes the latest Adobe Flash Player vulnerability. Adobe published a security advisory yesterday that describes a clickjacking vulnerability. In short: An attacker could lure the unsuspecting user into clicking on a link that would give the attacker access to the computer's microphone and webcam without the user's knowledge.

Adobe published a temporary workaround to protect the computer system against this form of attack that users should apply until the release of a patch that fixes the critical issue permanently on computer systems.

To apply the workaround users should visit the Flash Player's Settings Manager by following the link. There they should click on the Always Deny button which prevents any website from accessing the microphone and webcam settings. This obviously is only necessary if you have a microphone or webcam connected to your computer, if you do not, there is nothing to worry about since exploiting the issue on systems without won't do the attackers any good due to a lack of hardware they can make use of then.

adobe flash player settings manager

The new setting has to be confirmed in the popup that appears automatically after clicking on the Always deny button. The patch is said to be available before the end of October.

Update: Adobe has patched the issue and users of the flash player plugin are again safe from the attack. It is recommended to check your Flash Player version regularly to make sure you have the latest version of the program installed on your PC. The link in the last sentence leads to a page on Adobe's official website where the Flash Player version installed is displayed. The page furthermore lists the latest versions of Flash Player for all supported operating systems, so that you only need to compare your version to the version for your operating system to see if you are running the latest.

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

    Leave a Reply

    Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

    Please note that your comment may not appear immediately after you post it.