Investigators have found security flaws in the Web-based computer applications of Arizona's three public universities, according to a report released last Friday by the Arizona Office of the Auditor General. Web-based applications enable users to view or update information using Web browsers, such as Firefox and Internet Explorer, instead of downloading programs to their personal computers. Arizona State University, the University of Arizona and Northern Arizona University together use at least 205 Web-based applications for classes and administration. "These computer systems process various types of information, such as contact information, Social Security numbers and credit card numbers, for nearly 25,000 faculty and staff, more than 122,000 students, some of the 625,000 alumni and others, including prospective students applying for admission," the report says. In two Web applications, auditors found security weaknesses that would have enabled hackers to take over several user accounts, including some accounts "with high-level access" to sensitive information. Auditors were able to obtain more than 10,000 records that included names and Social Security numbers, and auditors discovered another security flaw that would enable hackers to install software with malicious programming. Based on their limited testing, the auditors concluded that vulnerabilities likely exist in many more of the universities' Web-based applications. In written responses to the report, the presidents of all three universities announced plans to find and fix network-security weaknesses.