Alarm Raised For "Clickjacking" Browser Exploit

Shipment Date writes "ZDNet's Zero Day blog has some new information on what looks like a scary new browser exploit/threat affecting all the major desktop platforms — Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera and Adobe Flash. The threat, called Clickjacking, was to be discussed at the OWASP conference but was nixed at the last minute at hte request of affected vendors. From the article: 'In a nutshell, it's when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you.'"

Re:One of these things is not like the other.

[X0563511]

Hmm, and hot on the heels of a few other security vulnerabilities.

I'm really hoping crackers exploit the hell out of flash until it's ground underfoot. If we try to do the nice thing, and suggest/recommend PROPER ways of using Flash, and the only thing we get is a resounding 'fuck you,' I think screwing flash over is called-for.

It's a shame Adobe doesn't put something in their toolkit ELUAs about proper use of Flash.