Une faille touche actuellement Adobe Flash
"Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks. In the Web attacks, which target Mac, Windows and Linux users running Firefox, IE and Safari, hackers are seizing control of the machine?s clipboard and using a hard-to-delete URL that points to a fake anti-virus program"
Pour l'instant peu HIPS (aucun ?) ne détectent le "processus.
source : http://blogs.zdnet.com/security/?p=1733 (une démo de l'exploit est disponible dans l'article, essayez de copy/paste)
La solution pour les utilisateurs de Firefox est l'utilisation de Noscript.
Adblock Plus bloquerait aussi (je n'ai pas la certitude), et la nouvelle "Malware Domains blocklist" est disponible (40,000 domaines bloqués).
Des solutions alternatives font leurs apparitions pour les autres navigateurs.1. The list won't prevent you from going to one of these blocked sites - "but it will block for example any iframes or Flash objects from this domain" (quote ABP author Wladimir Palant).
2. According to this site, do not subscribe to this list with Firefox 2! It will only be sufficiently fast in Firefox 3, and even then you have to accept 3-4 seconds delay at browser startup and shutdown. It won’t cause noticeable delays during browsing however.