Malware, by the Script

There's really no way to prevent malicious scripts from being uploaded to most of today's Web 2.0 based sites. These sites, which allow users to create their own content, are wildly popular for social networking, blogging, and other interactive, community based activities, but they can harbor some wild exploits, too.

Luckily, most Web 2.0 exploits thus far have been fairly benign, such as worms, says Matt Fisher, a security engineer for SPI Dynamics, who discussed the latest Web application threats at the Computer Security Institute's 33rd Annual Conference and Expo in Orlando. "But what if someone were to use [Web 2.0] maliciously?" he says, such as with a zero-day browser bug like the recent VML one. Dark Reading - Application and Perimeter Security - Malware, by the Script - Security News Analysis

Linked by shanmuga Wednesday, 8th November 2006 6:09AM