The federal government’s cyberdefense arm today warned users of the popular QuickBooks small-business accounting software that they risk losing data and control of their PCs to hackers.

According to two advisories published by the U.S. Computer Emergency Readiness Team (US-CERT), the ActiveX control that enables Intuit Inc.‘s
QuickBooks Online Edition contains flaws that attackers can exploit
simply by getting users to view an HTML e-mail message or visit a
malicious Web site.

Story continues at