Zero-Day Disclosed in Unity Web Player

A zero-day vulnerability has been disclosed in the popular Unity Web Player browser plugin. The flaw allows an attacker crossdomain access to websites and services using the victim’s credentials.

With the release of Chrome 42 this week, Google fixed more than 40 vulnerabilities. But the most significant security change in the new browser is Google’s decision to disable the NPAPI, essentially turning off plugins such as Java and Silverlight by default. The decision didn’t come out of nowhere. Google warned developers and users about it […]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.