Your Corporate Webinar Just Went From Boring to Possibly Dangerous
A recently reported flaw in Corporate America’s ubiquitous platform Cisco WebEx should have a lot of IT staff paying close attention to mitigating it pronto. Via the browser plugin installed for meetings silent Remote Code Execution commands to run scripts or launch applications without even asking, “Is this OK”?
According to Tavis Ormandy at Google’s Project Zero, who discovered and documented the bug, there are more than 20 million WebEx users worldwide. Perhaps the best known example of a problematic plugin is Adobe Flash, which has provided cybercrooks with such a fruitful source of exploitable security holes over the years that we have long been urging you to try to live without Flash altogether.
It isn’t just the boredom you have to worry about now people!