Talk:Malware from mass SQL injections confirmed by security experts

I have no clue what this is trying to say. DragonFire1024 (Talk to the Dragon) 21:03, 23 May 2008 (UTC)Reply

Someone cleaned it up and I did a little...now whats wrong? What needs more c/e? really template tag is getting boring. DragonFire1024 (Talk to the Dragon) 20:26, 29 May 2008 (UTC)Reply

The title, for a start, only makes sense if you come from a techie background. --Brian McNeil / ^talk 20:28, 29 May 2008 (UTC)Reply

I am not experienced in this field, but other than the spelling os Malwares...I understood the title. DragonFire1024 (Talk to the Dragon) 20:32, 29 May 2008 (UTC)Reply

• In no way does this article explain what the problem is, or what is going on. You need to have a more-than-basic grounding in IT to know what on Earth it is going on about.

First off, a vulnerability has been exploited to place arbitrary content on a number of sites.

Second, this arbitrary content is malicious to end-users who view web pages where it is contained.

Last, in no way, shape, or form does this article make that clear. --Brian McNeil / ^talk 21:03, 29 May 2008 (UTC)Reply

Tried to clean it up as best I could. B2xiao (talk) 18:59, 31 May 2008 (UTC)Reply

I think a more appropriate title is "20,000 websites attacked ..." where ... is something I haven't quite worked out yet ("by SQL injections" is probably too technical, "by unknown hackers" sounds too speculative). B2xiao (talk) 19:02, 31 May 2008 (UTC)Reply

To clarify: the concern isn't the SQL injections, but the Flash vulnerability. The exploit is called a "zero-day" exploit -- one for which no patch exists, as opposed to an exploit which uses a patchable vulnerability. Perhaps "20,000 websites attacked with previously unknown vulnerability" may be more correct (though it should preferably mention Flash without being too wordy). B2xiao (talk) 20:51, 31 May 2008 (UTC)Reply

You DAMN RIGHT!!!! but its attack seemed to be derived from SQL injection? Brock ^contact... 06:03, 1 June 2008 (UTC)Reply

Here's what happened. A zero-day flaw in Adobe Flash was discovered, which allows arbitrary code execution on a vulnerable client (i.e. web-browser running Flash). Hackers then found SQL injections in several websites (SQL injections are relatively common and stem from improper or incomplete input validation), and used these SQL injections (which, by themselves, have nothing to do with Flash) to insert exploits for the Flash code, or redirects to pages where such code is hosted.

Now, there are two concerns. The Flash vulnerability is foremost, since it allows a user's computer to be compromised, installing all sorts of malware on the computer (effectively giving the remote attacker complete control over the computer). The SQL injections are also worrisome, since SQL injections are a common attack vector for numerous other exploits, such as cross-site scripting attacks (commonly ones which steal logon credentials and the like), drive-by malware (via, for example, iframes containing malicious code), etc. The fact that the hackers were able to find over 20,000 websites with this vulnerability is very worrisome indeed. b2xiao (talk) 18:59, 1 June 2008 (UTC)Reply

What are "SQL injections" ? What is "malicious Flash code" ? What is a "patch" ? These are terms which should be explained and given context, at least briefly, for readers who may not understand. Cirt (talk) 13:51, 1 June 2008 (UTC)Reply

Hmm, you are right. Unfortunately, all the sources save one are from technical publications (the exception being Forbes). I will probably take some cues from the Forbes article to de-technicalize the article. Thanks for your comments! b2xiao (talk) 19:00, 1 June 2008 (UTC)Reply

It looks like this article is now out-of-date. The source at ZDNet posted a retraction (of sorts) two days after the 'zero day' report, on May 29, 2008 [2]. Similarly, the Register [3] indicated on May 27, 2008 that the vulnerability applies only the the developer's kit and not to the widespread plugins. Could someone please check this out and clarify the article? StockGear (talk) 16:03, 5 June 2008 (UTC)Reply

Seems a little odd that the hackers would bother to attack 20,000 websites, potentially robbing them of future targets, for a Flash vulnerability that is not widespread. Anyway, perhapsthis is a better source for the news (though outdated, it would appear that the attacks are continuing), which documents other vulnerabilities that are being used in these exploits. b2xiao ^talk 03:11, 6 June 2008 (UTC)Reply

Well, I don't think that an even earlier (May 21, 2008) article at the Register invalidates its later May 27 article that I cited; on the contrary. I also am not going to speculate about the amount of sweat equity that hackers consider acceptable in order to generate a return on their 'investment.' It strikes me that the article is rather alarmist based on the information I saw. StockGear (talk) 19:58, 6 June 2008 (UTC)Reply

...to find instructions for "how to disable flash [in IE and Ffx]"? Telling people about a problem is good, but if you can also show (Or link to) instructions to fix it, it would be (near?) perfect. 68.39.174.238 21:31, 5 June 2008 (UTC)Reply