MAAS History
Tuesday, Oct 26, 2010

Firefox 0day Delivers Windows Malware

A critical vulnerability exists in Firefox that affects all platforms and is currently delivering Windows-specific malware. One major concern is that this exploit targets an unpatched vulnerability. It would appear that the Bugzilla page, which is password protected, may have been part of the recon process in exploit discovery.

Open source code that is available for any coder to view represents a double-edged sword: on the one hand, the community works to improve the software. On the other hand, users with malicious intent have an excellent resource readily available, including code and bug reports. Currently, open source and community-based projects remain sound, but code review is recommended for critical production systems.

If you are interested in exploit development, source code can prove a useful tool. Many exploit and 0day authors will download open source code to truly understand how particular units may perform validation and verification of data. Skilled malicious actors do the same; normally, however, there are far more efficient methods for finding exploits. Code review is labor intensive, but the criminal life cycle is producing far more advanced skill sets.

Macintosh administrators and users should be aware of this exploit and remain vigilant. Using NoScript in conjunction with an anti-virus product may be the best defense. Currently this exploit can deliver Mac-based malware, including fake installers and rootkits.
