As reported earlier, Google has bypassed the cookie settings in both Apple’s Safari and Microsoft’s Internet Explorer web browsers. Thankfully, it wasn’t left unnoticed by the Federal Trade Commission.
With Internet Explorer 10 and more.
If you are curious to see the upcoming IE10 browser in action, check the full Windows Phone 8 Summit video above. Not interested in everything? No worries, browsers start at: 15:00 and 39:00!
Alternatively, check our recent post about the very same presentation.
If previous cash rewards were not enough to encourage you to start sniffing the code, then we have some good news.
Good news for Firefox users, thanks to the never ending Java vulnerability spree, Mozilla has decided to protect its users and from now on will block Java plugins with a Version 6 Update 30 and below as well as Version 7 Update 2 and below.
According to the official blog post, the February update for the Java Development Kit fixes a critical vulnerability, which prevents hackers from running exploit on user computer.
However, for those who want even more security, here is a simple tip: uninstall Java.
Security flaws everywhere.
After Google Chrome has been hacked twice, Microsoft’s Internet Explorer 9 was the second browser to fail the security challenge.
By exploiting two unknown vulnerabilities, Vupen Security was able to remotely open a calculator running on a Windows 7 SP1 machine. While no additional details were revealed, both IE and Google Chrome exploits were a combination of at least a couple of previously unknown flaws.
Identified as a bug CVE-2011-3046, discovered vulnerability is described as “UXSS and bad history navigation”, with no additional details revealed.
Security contests prove to be useful.
Just as some might have thought that Google’s Chrome sandboxing feature is bullet proof, Sergey Glazunov, a security researcher who have found quite a few vulnerabilities in the fast, has enriched his life with a $60k reward, received for a “Full Chrome” exploit, which bypassed the sandbox feature. Although Google Chrome was previously known to withstand various attacks in Pwn2Own and similar contests, this time it was the first to fail.
Justin Schuh, Chrome’s security team member said, “It was an impressive exploit. It required a deep understanding of how Chrome works. This is not a trivial thing to do. It’s a very difficult and that’s why we’re paying $60,000.”
The keyword here is “up to”.
Called Pwnium, contest attendees will be asked to exploit the Google Chrome web browser and in return, will be rewarded as follows:
Introduced years ago, Do Not Track allows users to opt out of tracking by advertising, social and other web sites that enjoy such data.
However, it’s not coming anytime soon, according to the report, Google Chrome is likely to introduce Do Not Track feature by the end of this year, which is 8-10 months away.