MAAS History
Archives

Entries by drStrangeP0rk (171)

Friday, Nov 06, 2009

Firefox Version 3.5.5

This short-cycle security and performance fix addresses several bugs that cause the 3.5.4 application to crash. These include issues related to inserting multiple children without flushing them, a GIF decoder crash, and a startup crash related to the Windows font group support. Administrators should apply this update to Firefox 3.5.4.

Friday, Oct 30, 2009

Malware Artware

Developer Zach Gage has a digital art project, which has appeared in Electro-online, that is an online malware game called Lose/Lose. The game's premise is that each alien you destroy is linked to a file on the user's computer. When you destroy the alien, the file is deleted. Intego has labeled it as malware and tagged it as OSX/LoserGame. Administrators should make sure that no users visit or play the game because it can result in data loss.

Wednesday, Oct 28, 2009

Mozilla Releases Firefox 3.5.4

Mozilla has released update 3.5.4 of Firefox, which addresses various issues. These include critical issues such as crashes due to memory corruption, heap overflows in string-to-number conversion, a crash due to recursive web-worker calls, and a form history vulnerability.

MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
MFSA 2009-62 Download filename spoofing with RTL override
MFSA 2009-61 Cross-origin data theft through document.getSelection()
MFSA 2009-59 Heap buffer overflow in string to number conversion
MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS()
MFSA 2009-56 Heap buffer overflow in GIF color map parser
MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
MFSA 2009-54 Crash with recursive web-worker calls
MFSA 2009-53 Local downloaded file tampering
MFSA 2009-52 Form history vulnerable to stealing

Users should perform the update by selecting Check for Updates under the Help menu. Macintosh administrators should mark this update as critical and perform it during their next update cycle via Apple Remote Desktop.

Monday, Oct 12, 2009

Snow Leopard Guest Account Reset Issue

There have been reports that if you have guest accounts enabled in Leopard and perform an upgrade to Snow Leopard, accounts will be reset in the same manner that guest accounts are. It is recommended that guest accounts be disabled before the upgrade. After the upgrade, set up guest accounts in Snow Leopard if needed. It is of course my recommendation that you never use guest accounts except in exceptionally controlled environments.

An alternative to guest accounts is setting up a managed user account with no password and using Parental Controls to apply restrictions. One downside is that the account will not reset. If you do experience a reset of user folders, you can do one of the following to restore them:

Restore the entire system from Time Machine.

Restore just the home folder. (This requires additional procedures.)

Monday, Oct 12, 2009

Cell Network Phishing Scam Using Text Messaging iPhone

There have been reports of a phishing scam affecting various cell phone networks, including AT&T, which the iPhone is on. The phishing expedition is conducted using text messaging. Users are told to call a number to solve a problem with their account, and their credit card information is then harvested. Users should be aware that phishing can take place using traditional and non-traditional means. We have become used to not responding to email, but this is another vector of attack to steal information.

Users have to remember that just like phone calls and email, text messaging is a means to an end for an attacker. Administrators should remind users regularly about communication trends and common best practices used for any communication, regardless of method.

To listen to a tested transaction follow this link.

http://johannes.homepc.org/scam.mp3