A rather serious exploit has recently been discovered.
It’s called ClickJacking. The problem is in Adobe’s Flash player, which just about everyone in the world has installed (sometimes without even knowing it).
The vulnerability makes it possible for someone to control your computer’s webcam or microphone, lettting other people spy on you. It’s a serious problem.
Who’s at risk?
Anyone who has Flash version 220.127.116.11 or earlier is at risk. This includes Windows, Mac, and Linux users, and FireFox, IE, Safari, Chrome, and Opera users (does this list include you?)
What can you do to protect yourself?
Adobe is publishing a fix very soon and the best thing to do is to upgrade to the latest version of Flash. Flash should prompt you to download an update – say yes to this. Otherwise download the latest version from Adobe’s web site.
If for some reason you can’t update Flash on your PC there’s another way to protect yourself (this is a last resort tactic, updating Flash is much safer). The workaround is to set the Always Deny option, as detailed here on Adobe’s site.
Someone has gone to the trouble of setting up a sample of how the exploit works and recorded a video to demonstrate. Play the YouTube video in this article.