Let us visit a given webpage on which video files and/or java applets are embedded. Could clicking to start on these videos/applets lead to a drive-by download attack ?
-
[See also](http://security.stackexchange.com/questions/18086/virus-encoded-in-video). – Polynomial Jul 25 '14 at 09:48
1 Answers
Absolutely.
Java applets have been used over and over for drive-by attacks purposes, and although the situation got better since mandatory click-to-play was instated, the applet sandbox isn't a lot more trustworthy than it used to be. By the way, be careful when reading the launch message, because if the applet is signed, no vulnerability has to be used, it will already have full access to your system.
As for videos, Flash also has a terrible track record when it comes to security. A lot of vulnerabilities (CVE-2014-0515 being the latest in date) are used routinely to perform arbitrary code exploitation through this plugin.
Bottom line, the more technologies you cram into a browser, the more vulnerable it gets. The examples you give are perfectly reasonable attack scenarios even if you use a different plugin than Flash to read videos. If you want to reduce your attack surface, don't allow sites that you don't explicitly trust to run code inside your browser (not even JavaScript).
- 4,792
- 4
- 24
- 25