A new flaw has been discovered by a security firm and researchers from Google that exists in contents of Adobe Flash files. They are the files that end with .swf.

They can be attacked by injecting malicious strings through cross-side scripting.

“Lots of people are vulnerable, and right now there are no protections available other than to remove those SWFs and wait for the authoring tools and/or Flash player to be updated,” says one fo the authors of the book, Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions.

Over 500,000 applets are affected according to a web search which return results from media, government, and corporate sites.

Source: The Register