Malicious websites can remotely execute commands on Windows systems that have Cisco WebEx’s Chrome extension installed. About 20 million people actively use this broken software. All attackers need to know is a “magic URL” hidden within WebEx, Google Project Zero bug hunter Tavis Ormandy revealed on Monday. We think a secret “magic URL” is the nicest possible way of saying “backdoor,” be it deliberate or accidental.
View full story
ORIGINAL SOURCE: The Register