Tag: Security
Mozilla to Patch Critical Firefox 3.5 Vulnerability
Soon enough we will see Firefox 3.5.1 release as Mozilla is working hard to fix the critical security flaw.
Meanwhile, you may temporary mitigate it by disabling JIT in the JavaScript engine, to do so:
Type about:config in the location bar
Search for javascript.options.jit.content, double click it to set it to false.
Mac OS X 10.5.7 Update
The latest Mac OS X 10.5.7 update resolves few security issues for both, Safari 4 and 3.2.3 web browsers.
To get more details, please visit the following:
About the Safari 4 Public Beta Security Update
About the security content of Safari 3.2.3
Firefox – Browser with the Most Disclosed Vulnerabilities
From .PDF (download)
“This year, Secunia published advisories for the four most widely used web browsers: Internet Explorer (IE), Safari, Opera, and Mozilla Firefox. 31 vulnerabilities were reported for Internet Explorer (IE 5.x, 6.x, and 7), including those publicly disclosed prior to vendor patch as well as those included in Microsoft Security Bulletins. Continue Reading
eBay Scammers Work Unpatched Vulns in Firefox, IE
From TheRegister:
“eBay scammers have been exploiting unpatched vulnerabilities in the Firefox and Internet Explorer browsers to deliver counterfeit pages that try to dupe people surfing the online auction house to bid on fraudulent listings.”
Continue reading at The Register
New Apple Safari Vulnerability Discovered
Guy Brian has discovered a new Safari vulnerability which affects Mac OS X 10.5 (Leopard) users who haven’t changed default feed reader preferences.
This vulnerability allows phishing sites to silently read all the user data from hard drive without him knowing that.
There is however a workaround for Safari users on Windows OS. Continue Reading
Web Browsers Security Handbook
Now here is something quite informative. Browser Security Handbook published by Google.
As Google explains, the document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers.
The following browsers are included: Continue Reading
Trojan for Firefox
BitDefender has identified this new bit of holiday cheer as Trojan.PWS.ChromeInject.A.”
The trojan installs itself into Firefox’s add-on directory, registers itself as Greasemonkey, and begins searching your hard drive for passwords, login details, your World of WarCraft account information, and your library card number.
Once installed, the trojan is capable of identifying over 100 web sites. When an infected user visits a site the trojan recognizes, the parasite comes to life and records the login/password details being transmitted. Presumably it then goes back to sleep, quietly keeping an eye on further system activity.
For more details, check original post by ArsTechnica.
[digg-reddit-me]
Google Chrome Download Vulnerability
US-CERT is aware of a vulnerability that affects the Google Chrome web browser. This vulnerability is due to a default configuration that allows files to be downloaded without prompting the user. In addition, downloaded files can be opened with a single click, which could allow a user to inadvertently open a malicious file.
US-CERT encourages users to enable the “Ask where to save each file before downloading” option within the “Minor Tweaks” tab in the browser preferences. Continue Reading
Safari 3.1.2 for Mac OS X Released
Few weeks ago Apple released Safari 3.1.2 for Windows. Well, today you can download Safari 3.1.2 for Mac OS X as well. This release fixes the following security issue:
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
New release can be downloaded and installed via Software Update preferences, or from Apple Downloads.
Web Browsers Security Test
Time for yet another web browsers security article. So there’s a test called “Browser Security Test” which I found today and decided to run it on the latest stable web browsers releases. What about results?
Firefox 2.0.14 – All Passed
Firefox 3.0 – All Passed Continue Reading
