From the category archives:

Browser

Opera Vulnerability Identified

by certifiedbug on March 6, 2010

in Browser

A vulnerability rated as critical has been identified in Opera 10.50 and prior versions.

The buffer overflow error when processing malformed HTTP “Content-Length:” headers could be exploited by remote attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a web page hosted on a malicious web server.

Confirmed by VUPEN with Opera version 10.50 on Windows XP SP3.

Reference: http://www.vupen.com/english/advisories/2010/0529

{ 0 comments }

Virus Bulletin Poll-Nearly 20% still running Insecure IE 6

by certifiedbug on February 24, 2010

in Browser

A poll by Virus Bulletin showed a large number of respondents are still running IE 6, even in the workplace.

In VB’s poll, 15% of respondents said they were running the browser at work, indicating that, for many organizations, upgrading is not a priority – whether that is for reasons of compatibility with legacy applications or simply due to a lack of urgency in their IT departments. Campaigners who run the site www.ie6nomore.com hope that as corporate users find their browsing experience increasingly compromised by pages that fail to render properly in the aging browser, they will complain to their IT departments and put pressure on them to roll out an upgrade or install alternative browsers.

Upgrade to Internet Explorer 8

Hat tip to Sunbelt Blog: Are you reading this with Internet Explorer version 6?

{ 0 comments }

Update on AMO Security Issue

February 10, 2010

Mozilla
Last week, we disclosed two instances of suspected malware in experimental add-ons on AMO. Since that disclosure, we’ve worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware. The same investigation also [...]

Read the full article →

Malware found in Firefox Add-ons

February 5, 2010

Security Issue on AMO according to Mozilla alert.
Two experimental add-ons, Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer were found to contain Trojan code aimed at Windows users. Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose Trojan. Both add-ons have been disabled on AMO.
Impact [...]

Read the full article →

Microsoft Security Advisory (980088)

February 4, 2010

TechNet.
Vulnerability in Internet Explorer Could Allow Information Disclosure
Published: February 03, 2010
Version: 1.0
Microsoft is investigating a publicly reported vulnerability in Internet Explorer for customers running Windows XP or who have disabled Internet Explorer Protected Mode. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.
Our [...]

Read the full article →

Google phasing out support for old browsers

January 30, 2010

​The web has evolved in the last ten years, from simple text pages to rich, interactive applications including video and voice. Unfortunately, very old browsers cannot run many of these new features effectively. So to help ensure your business can use the latest, most advanced web apps, we encourage you to update your browsers as [...]

Read the full article →

Firefox 3.6 Released

January 21, 2010

Notable Firefox 3.6 features include:

Available in more than 70 languages – get your local version.
Support for a new type of theme called Personas, which allow users to change Firefox’s appearance with a single click.
Protection from out-of-date plugins to keep users safer as they browse.
Open, native video can now be displayed full [...]

Read the full article →

Google shows “Tank Man”

January 14, 2010

Early morning articles report that the censored photo of the Chinese “Tank Man”, who boldly stood in front of a line of tanks during the 1989 Tiananmen Square pro-democracy protests crackdown, was available on Google’s Chinese website, Google.cn, hours after Google threatened to defy Chinese Internet censors. http://certifiedbug.com/blog/2010/01/13/google-takes-step-for-human-rights/
A Google.cn search showed this drop down [...]

Read the full article →

Google takes step for Human Rights

January 13, 2010

Google disclosed on their blog that they were hit with a targeted trojan aimed to gain access to Gmail accounts of Chinese human right activists.
We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, [...]

Read the full article →

Firefox 3.5.7 released

January 5, 2010

Fixed in Firefox 3.5.7

A common stability issue.

A problem with how updates were being presented to users.

If you don’t receive the update notice when using the program select “Check for Updates” from the Help menu.
Firefox 3.5.7
Download
Release Notes

Read the full article →

← Previous Entries