New Media Player critical vulnerabilities
September 15th, 2008
Media player exploits scare the crap out of me. The biggest reason that they scare me is because “end users don’t think before they click that link” (c) 2008 Web Insecurity. Now, when they normally get an e-mail, they would never click it if it was from their bank, but what happens if the link was from a co worker of theirs. Perhaps a peer in the professional industry, perhaps an e-mail from their doctors office, a friend or favorite department store mailing list with the details of a huge competition. The video form of media is very attractive to end users. Video’s always spread around the net and e-mail like wild fire, hence the name viral video. Now what happens when a media player vulnerability is not withheld like this new one: http://www.securityfocus.com/archive/1/496358? What happens when one of these gets added to MetaSploit, or perhaps in combination with XSS / XSRF maliciously linked in social networking sites?
I don’t have the answer, but I really don’t want to find out.
Entry Filed under: Virus/Worms, Vulnerabilities
Trackback this post