Forgive the cross post. This looked important enough to send to both lists.
There is an interesting article from Infoworld today at <http://www.infoworld.com/d/security-central/beware-frighteningly-bad-flash-flaw-say-researchers-254>. We have a Flash-based Web site, and I have talked with our MIS people about our vulnerability. Their take is that yes, there is a security hole, but it's not specific to Flash. One could just as easily upload a malicious JavaScript file, or even a C++ file masquerading as a .swf, if the server's security doesn't check to see if a file is what it says it is (most servers, according to the article, don't). So there's a healthy dose of hyperbole in the article, and it is somewhat misleading saying that it is a Flash security issue. I'm passing it along anyway. Cordially, Kerry Thompson _______________________________________________ Flashcoders mailing list [email protected] http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
