FCKeditor Vulnerability Giving Hackers Access to Your PC

They say that the best place to start is at the beginning. I am going to do just that and start by telling you where this vulnerability has been reported. The latest news is that a vulnerability has been reported in the FCKeditor. This is worrying due to the factor that if this vulnerability is exploited by malicious characters then it may result in chosen systems being compromised as well as the disclosure of certain confidential information.

FCKeditor is a remarkable and user friendly text editor which is geared for the use of the internet. It is very easy to use and doesn't require any type of specific installation on the computer of the client. It has many exciting and easy to use new features with the inclusion of a variety of internal improvements. It is a powerful and easy to use desktop editor similar to that of Microsoft Word. Some of the files of Microsoft Word may include but are not limited to the following: AMOVIE.EXE, CAMCORDR.EXE, emwpg.dll, finstall.dll as well as grammar.dll.

This vulnerability is related to input which is passed from the parameter of the Current Folder to the connector modules that is not adequately confirmed, prior to being used. The risk with this vulnerability is that it may be exploited in order to access a victims sensitive information and  disclose specific content relating to uploading files to random locations or relating to the content of arbitrary directories.

This vulnerability is currently being exploited in the wild and has been rated as highly critical. You are more than likely wondering which versions are affected by this vulnerability. The versions which have been affected have been confirmed in versions before 2.6.4.1. The solution to this vulnerability is for all users to update to version 2.6.4.1, immediately.