This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 2.5 License.
Adobe just patched up a gaping security flaw that could affect anyone who logs on to eBay, Tumblr, Instagram, or other popular sites. If you’re a person who visits any of those domains (or really, any website out there that might use Flash), you really should update your stuff right now.
Basically, the flaw—which security blogger Michele Spagnuolo says has been well known in the infosec community—made it possible for hackers to steal the cookies that authenticate returning users on sites like eBay, Twitter, Tumblr, and thousands more. Spagnuolo says that so far, no tools have been made public to exploit the fluke. Since there was no proof of concept that the exploit could work, “this led websites owners and even big players in the industry to postpone any mitigation until a credible proof of concept was provided,” Spagnuolo says.
Read the full article @ Gizmodo.com.