News

Widgets pose security risk, says Finjan

Antony Savvas

Seemingly innocent widgets (or gadgets) are exposing computer users to a whole host of attacks.

The warning is covered in Finjan's third quarter Web Security Trends Report and is a potential blow to those firms planning to adopt such Web 2.0 applications.

Widgets add functions to websites and applications, but can also contain code that is vulnerable to exploits by hackers and criminals.

Security software firm Finjan's research suggests that new attacks that exploit the insecurities of widgets are imminent, and that a revised security model should be explored in order to keep users protected from such attacks.

All types of widget environments - OS, third party applications and web widgets - were found by Finjan to be plagued with inadequate security models that allowed malicious widgets to run.

In addition, Finjan has found vulnerable widgets that were already available - some in the default installation - in the widget environment. These findings have already prompted Microsoft and Yahoo to issue security advisories and patches to address security issues, said Finjan.





 

COMMENTS powered by Disqus  //  Commenting policy