As you are probably aware, back on December 15th we issued a Security Advisory for our WebWorks Help online help product. The security advisory was the result of several weeks extensive investigation of a potential loophole that could possibly be exploited by malicious software.  This was a situation we took very seriously and ensured that our most recent product release (ePublisher 2009.3) included fixes and updates to remedy the situation and remove the vulnerability going forward.

During our investigations and research we quickly discovered that we were far from the first vendor of publishing software to be in this position. It appears that several other vendors have also been similarly affected in recent years.

But what really caught our attention was a comment from a member of the ePublisher community:

“I never considered that my online help could be a potential attack vector!”

Traditionally online help is something that gets generated once and is then delivered with a product, or pushed out to a website. In most cases it continues to just sit there as web technology changes around it, becoming more and more vulnerable to hackers and malicious software.

Over the next few weeks we are planning several events that will hopefully help you answer the question I posed in the title of this post.

“Is your online help a security risk?”

More information will be posted here and on our Twitter feed in the next few days.