PDFs on IE8 Can Disclose User Path Info

Using Internet Explorer and a virtual PDF generator to print a PDF file
from a HTML page causes the document’s entire storage path, for example
file://C:UsersdabDownloadsdocument.pdf, to be stored in the document itself. Read the full article. [The H Security]

Trojan Horse Behind Flash Install Spam

The latest malware spam email requests users to click on Flash download and install the “flashinstaller.exe,” but it has banking trojan behind it. Read the full article. [HelpNet Security]

Facebook administrators have blocked a clickjacking exploit that
displayed images of a scantily clad woman on profile pages without
first prompting the user for permission. Read the full article. [The Register]

Security researchers have identified a new worm spreading across
Facebook, luring people out to adult Web sites and automatically
replicating itself across people’s profile pages. Read the full article. []

The latest version of Microsoft’s Internet Explorer browser contains
a bug that can enable serious security attacks against websites that
are otherwise safe. The flaw in IE 8 can be exploited to introduce XSS, or cross-site
scripting, errors on webpages that are otherwise safe. Read the full article. [The Register]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.