|
|
|
|
|
|
by btown
4363 days ago
|
|
|
Given the nastiness of this attack (a fully interactive client-side backdoor!), the non-trivial nature of the algorithms and coding theory required, and the slow uptake of Flash patches especially in enterprise [1], this seems like downright irresponsible disclosure to share such a detailed post (with a repository and detailed instructions for script kiddies!) so quickly after notifying companies. I can understand all too well how excited the researcher must have been to discover this and share it with the world, but jeez: wait until the Flash patch hits an inflection point on the adoption curve at least! [1](http://krebsonsecurity.com/2014/05/the-mad-mad-dash-to-updat...) |
|
|