MAAS History
Archives

Entries by drStrangeP0rk (171)

Tuesday
Oct262010

Firefox 0day Delivers Windows Malware

DateTuesday, October 26, 2010 at 09:50PM

A critical vulnerability exist in Firefox which affects all platforms and currently delivering Windows specific malware. One major concern is that this exploit targets an un-patch vulnerability. It would appear that the Bugzilla page which is password protected may have been part of the recon process in exploit discovery.

Open source code that is available for any coder to view represents a double edge sword, on the one hand the community works to improve the software. On the other side of that coin users with malicious intent have an excellent resource readily available including code and bugs reports. Currently open source and community based projects remain sound but code review is recommended for critical production systems.

If you are interested in exploit development source code can prove a useful tool. Many exploit and 0day authors will download open source code to truly understand how particular units may perform validation and verification of data. Skilled malicious actors do the same, normally however there are far more efficient methods for finding exploits. Code review is labor intense but the criminal life cycle is producing far more advanced skill sets. 

Macintosh administrator and users should be aware of this exploit and remain vigilant. Using NoScript in conjunction with an anti-virus product may be the best defense. Currently this exploit can deliver Mac based malware include fake installers and root kits.

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , , , , , ,
Wednesday
Oct202010

Firefox 3.6.11

DateWednesday, October 20, 2010 at 07:15PM

Mozilla.org has released an update to Firefox to address several security and stability issues. Taken directly from Firefox's security site:

MFSA 2010-72 Insecure Diffie-Hellman key exchange
MFSA 2010-71 Unsafe library loading vulnerabilities
MFSA 2010-70 SSL wildcard certificate matching IP addresses
MFSA 2010-69 Cross-site information disclosure via modal calls
MFSA 2010-68 XSS in gopher parser when parsing hrefs
MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter
MFSA 2010-66 Use-after-free error in nsBarProp
MFSA 2010-65 Buffer overflow and memory corruption using document.write
MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)

Users should apply the update, in addition users should clear their DNS cache and browser storage. 

AuthordrStrangeP0rk | CommentPost a Comment | Reference2 References |
in ,
Wednesday
Oct202010

APPLE-SA-2010-10-20-1 Java for Mac OS X 10.6 Update 3

DateWednesday, October 20, 2010 at 07:08PM

Apple has released an updates to Java for Mac OSX Server and Client 10.6 to address server vulnerabilities which are dated. This includes a fix to prevent an unsigned applet from execution outside the sand-box, proper handling of MACH RPC messaging and improvement to handling window bonds.

Users should apply this update via Software Update, no restart is needed. Users also should clear out their Java Cache. For More information please see reference link.

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , ,
Wednesday
Oct202010

APPLE-SA-2010-10-20-2 Java for Mac OS X 10.5 Update 8

DateWednesday, October 20, 2010 at 06:59PM

Apple has released an updates to Java for Mac OSX Server and Client to address server vulnerabilities which are dated. This includes a fix to prevent an unsigned applet from execution outside the sand-box, proper handling of MACH RPC messaging and improvement to handling window bonds. Users should apply this update via Software Update. For More information please see reference link.

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , ,
Tuesday
Oct192010

Google Updates Chrome to 7.0.517.41

DateTuesday, October 19, 2010 at 08:49PM

Google has released an update of Chrome to the stable channel to address various stability and security issues. This includes fixes to crashes with forms, crash using auto fill, URL spoofing on page unload, element persistence in the element map and sandbox process failures (Not Confirmed on Mac OSX but affect Linux distributions). 

Users should apply the update by opening about Chrome and clicking on the check for updates link. For more information about improvements visit the reference links below. 

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , ,
Page 1 ... 3 4 5 6 7 ... 35 Next 5 Entries ยป