Source |
Network World |
Identifiant |
298625 |
Date de publication |
2017-01-24 10:25:00 (vue: 2017-01-24 10:25:00) |
Titre |
Severe vulnerability in Cisco\'s WebEx extension for Chrome leaves PCs open to easy attack |
Texte |
Anyone who uses the popular Cisco WebEx extension for Chrome should update to the latest version pronto. Google security researcher Tavis Ormandy recently discovered a serious vulnerability in the Chrome extension that leaves PCs wide open to attack.In older versions of the extension (before version 1.0.3) malicious actors could add a “magic string†to a web address or file hosted on a website. The magic string was designed to remotely activate the WebEx browser extension. Once the extension was activated the bad guys could execute malicious code on the target machine. To read this article in full or to leave a comment, please click here |
Envoyé |
Oui |
Condensat |
activate activated actors add address anyone article attack bad before browser chrome cisco click code comment could designed discovered easy execute extension file full google guys here hosted latest leave leaves machine magic malicious older once open ormandy pcs please popularâ cisco pronto read recently remotely researcher security serious severe should string string†target tavis update uses version versions vulnerability web webex website who wide â to “magic |
Tags |
|
Stories |
|
Notes |
|
Move |
|