1. Rene Ritchie's Avatar
    Adobe ramped up the security in Flash 10, which is good because their dodgy habit of executing code in the data space to increase performance leaves them open to all sorts of exploits, same as Java, ActiveX, .Net, etc.

    One of the fixes was to prevent ClickJacking, which people were using to turn on webcams and mics. However, this same security breaks a ton of websites that use Flash controls to access the file system, for example to upload pictures to Facebook, WordPress, etc.

    So, if you use file uploading, you'll need to avoid Flash 10 for now (which means you'll be more vulnerable) and wait for WebApps to update.

    EPIC FAIL INTERPEEPS!
    11-09-2008 09:34 AM
LINK TO POST COPIED TO CLIPBOARD