[ UPDATE: See e-mail from NoScript creator Giorgio Maone on a possible mitigation ]
Researchers are beginning to raise an alarm over what looks like a scary new browser exploit/threat affecting all the major desktop platforms -- Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera and Adobe Flash.
The threat, called Clickjacking, was to be discussed at the OWASP NYC AppSec 2008 Conference but, at the request of Adobe and other affected vendors, the talk was nixed until a comprehensive fix is ready.
The two researchers behind the discovery -- Robert Hansen and Jeremiah Grossman -- have released droplets of information to highlight the severity of this issue.
So, what exactly is Clickjacking?
According to someone who attended the semi-restricted OWASP presentation, the issue is indeed zero-day, affects all the different browsers and has nothing to do with JavaScript:
[ SEE: Adobe Flash ads launching clipboard hijack attack ]
If that's not scary enough, consider that the average end user would have no idea what's going on during a Clickjack attack.
According to Hansen, the threat scenario was discussed with both Microsoft and Mozilla and they concur independently that this is a tough problem with no easy solution at the moment.
Grossman confirmed that the latest versions of Internet Explorer (including version 8) and Firefox 3 are affected.