Note:- Dear Readers,
Adobe has released version 9.3.4 and 8.2.4 of Adobe Reader and Acrobat for Windows, Mac OS X and Unix operating systems. According to Adobe’s security advisory, this release fixes critical vulnerabilities which allow for remote code execution: “These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.” This can happen by just browsing through the Internet or with malicious email attachments, for example. They were made public on the Black Hat conference three weeks ago.Read Full Post | Make a Comment ( Comments Off on Adobe Patches Reader and Acrobat )
Microsoft Security Essentials is a free antivirus and antispyware program for windows which provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
Once you installed Microsoft Security Essentials (MSE), you would need to update it with latest virus definitions which requires around 40MB download.Read Full Post | Make a Comment ( 4 so far )
20 july 2009
Mozilla says that the reports from SANS and IBM are incorrect. Based on internal testing, the vulnerability is not exploitable.
"In the last few days, there have been several reports (including one via SANS) of a bug in Firefox related to handling of certain very long Unicode strings. While these strings can result in crashes of some versions of Firefox, the reports by press and various security agencies have incorrectly indicated that this is an exploitable bug. Our analysis indicates that it is not, and we have seen no example of exploitability," wrote Mike Shaver on the Mozilla Security Blog.
"As a result of our analysis, we do not believe that this represents an exploitable vulnerability in Firefox. Further, we believe that the IBM report is in error, and that the severity rating in the National Vulnerability Database report is incorrect. We have contacted them and hope to resolve the inaccuracies shortly."
19 july 2009
On Friday, Mozilla released Firefox 3.5.1 to address a vulnerability in the Just-in-Time (JIT) compiler. Now, there are confirmed reports of a second vulnerability, exploit code already published, which affects Firefox 3.5.1, and other versions could be vulnerable as well.
The vulnerability is a remote stack-based buffer-overflow, triggered by sending an overly long string of Unicode data to the document.write method. If exploited, the resulting overflow could lead to code execution or if exploit attempts fail, a denial of service scenario. The flaw has posted proof-of-concept code, which can be viewed here.
Currently there is no patch for this vulnerability In addition, this vulnerability was discovered by the same person who published details on the previously patched flaw.
Read Full Post | Make a Comment ( Comments Off on New Vulnerability Discovered in Firefox 3.5.1 (update) )
“ Firefox user zbyte reported a crash that we determined could result in an exploitable memory corruption problem. In certain cases after a return from a native function, such as escape(), the Just-in-Time (JIT) compiler could get into a corrupt state. This could be exploited by an attacker to run arbitrary code such as installing malware.”
- Super Speed new
View Web pages way faster, using less of your computer’s memory.
- Anti-Phishing & Anti-Malware improved
Enjoy the most advanced protection against online bad guys.
- Session Restore improved
Unexpected shutdown? Go back to exactly where you left off.
- One-Click Bookmarking
Bookmark, search and organize Web sites quickly and easily.
- Easy Customization improved
Thousands of add-ons give you the freedom to make your browser your own.
- Tabs improved
Do more at once with tabs you can organize with the drag of a mouse.
- Instant Web Site ID
Avoid online scams, unsafe transactions and forgeries with simple site identity.
I strongly recommend that all firefox 3.5 users upgrade to this latest release. If you already have Firefox 3.5, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting “Check for Updates…” from the Help menu. You can download Firefox 3.5.1 from official Mozilla site.
Read Full Post | Make a Comment ( 1 so far )