Nov 29, 2007

Firefox 2.0.0.10 released

Firefox 2.0.0.10 fixes three vulnerabilities.

The first is a cross-site scripting vulnerability related to the jar: protocol.

The second fix covers 3 memory corruption bugs that affect browser stability and that can, in certain situations, be used to execute malicious code.

The third fixes referer spoofing via a window.location race condition. This means that the browser can announce a wrong referer to the site being visited. This can be used to bypass security mechanisms of web services that rely on receiving the right referer.
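Why a service should not treat the referer as proof of where a request came from, shown as an added example that is not part of the original post: a referer-only gate next to a per-session token check. The host name, session id, form field name and function names are all hypothetical.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

TRUSTED_HOST = "bank.example"         # hypothetical site name
SERVER_KEY = secrets.token_bytes(32)  # secret known only to the server


def referer_only_check(headers):
    """Weak gate: trusts whatever Referer the browser announces."""
    return urlsplit(headers.get("Referer", "")).hostname == TRUSTED_HOST


def issue_token(session_id):
    """Per-session token the server embeds in the forms it serves itself."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def token_check(session_id, form):
    """Stronger gate: the request must carry the token issued for this session."""
    supplied = form.get("csrf_token", "").encode()
    return hmac.compare_digest(supplied, issue_token(session_id).encode())


def evaluate(session_id, headers, form):
    """Return the decision of each gate for one incoming request."""
    return {"referer_only": referer_only_check(headers),
            "token": token_check(session_id, form)}


# Constructed sample requests (not captured traffic).
SESSION = "constructed-session-id"
GOOD_REFERER = {"Referer": "https://bank.example/transfer"}

# Request submitted from the site's own form: Referer and token both match.
genuine = evaluate(SESSION, GOOD_REFERER, {"csrf_token": issue_token(SESSION)})

# Request whose Referer is wrong but looks right, as with the bug above:
# the header matches, yet the sender never saw the server's form.
misreported = evaluate(SESSION, GOOD_REFERER, {})

if __name__ == "__main__":
    print("genuine    :", genuine)
    print("misreported:", misreported)
```

The referer-only gate accepts both requests, while the token check accepts only the one that carries the value the server issued.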

Download Firefox


Nov 26, 2007

Keep your programs up-to-date

Nothing is more important than keeping installed programs up to date. That's because many programs have security vulnerabilities, and new versions are released to fix them.

Perhaps the most popular tool for that is Secunia Software Inspector.

List of applications it covers

Another handy tool is Filehippo update checker.

It compares the programs installed on the computer with those in the Filehippo database, which is a pretty good one.


Nov 22, 2007

"Man in the Browser" - new technique to steal online bank logon credentials

F-Secure warns about a new way to steal online bank logon credentials: the "Man in the Browser" technique, which steals them from the browser session and sends them to criminals' servers.

This technique is based on malware on the computer that activates only when the user uses an online bank. The malware can save the username and password from the HTML code in the browser. This information is sent to an FTP site, from which criminals sell it to other criminals.

Network criminals have always used various means to steal personal data and bank logon credentials; those techniques have developed only because security programs have, too.

The first method was keyloggers, followed by phishing and pharming.

In phishing, emails disguised to look like they come from a bank are used. When the user opens the link in the message, he lands on a fraudulent site that looks like the real online bank site. When he enters his logon credentials, they get stolen.

In pharming, the user is redirected from the real online bank site to a fraudulent one; the forging of the URL takes place at the internet level.

- Phishing is losing its force because banks have strengthened logon security. For the same reason "Man in the Browser" attacks are growing, says Mikko Hyppönen from F-Secure.

Source: F-Secure


Nov 21, 2007

COMODO Firewall Pro 3 released

COMODO Firewall Pro 3 was released yesterday. COMODO is one of the best free firewalls available; I also use it myself ;)

What is New in CFP 3?
----------------------------
NEW! Windows Vista and 64 bit OS support
NEW! Patent-pending Host Intrusion Prevention System(HIPS) a.k.a Defense+
NEW! Intuitive Graphical User Interface
NEW! "Training Mode"
IMPROVED! Re-engineered Network Firewall Engine
IMPROVED! Security rules interface

Get your own version here
and read more from here

Source: Comodo

Nov 14, 2007

November Windows updates released

There are only 2 updates in this month's Windows update package.

The first is for a critical vulnerability in URI (uniform resource identifier) handling. This concerns situations in which the user opens programs by clicking a web link. Cases have been found in which crackers have included their own code in those links and tried to get their own software onto users' computers.

That vulnerability concerns IE 7 only, and it's not in the browser itself but in the shell32.dll file. The same vulnerability was already fixed in Firefox in the summer.

The second update is for a vulnerability in the Windows DNS Server service in the Windows 2000 Server and Windows Server 2003 operating systems. This spoofing vulnerability could allow an attacker to send specially crafted responses to DNS requests, thereby spoofing or redirecting Internet traffic from legitimate locations.


Nov 13, 2007

Updates for Vista

Microsoft has released updates for Vista. Among other things, they make startup faster, improve mobile device battery life, make PCs that use a UPS more stable, and make Vista more reliable. Third-party security programs should now also be more compatible with Vista.

If the user doesn't want to download them now, he can get them with Windows Vista Service Pack 1.

Links for updates and their descriptions:

http://support.microsoft.com/kb/941649
http://support.microsoft.com/kb/941600
http://support.microsoft.com/kb/941229


Nov 10, 2007

International malware statistics from October

Trojans accounted for 26 percent of infections and adware for 23 percent in October.

PandaLabs leader Luis Corrons says that trojans can be widely used for criminal purposes because they can bring a significant amount of money to their creators. This is possible either directly via identity theft, which can be used in online fraud, or indirectly by charging advertisers for spam sent via botnets.

After trojans and adware, the third most common group was worms (8.3 %).

This malware type is becoming rarer because malware creators are motivated by money. Worms were responsible for some of the worst virus epidemics in the past, but they now appear to be decreasing.

Other malware types were backdoors (4 %), spyware (3 %), dialers (3 %) and bots (2 %).

International malware statistics, October 2007

1. Trojan Downloader.MDW
2. Adware PC-Prot, new
3. Trojan Downloader.OZB
4. Trojan Lineage.BZE, new
5. Worm IRCbot.BEP
6. Worm Brontok.H
7. Worm Puce.E
8. Backdoor Hupigon.AZG, new
9. Trojan Dropper.UN, new
10. Worm Sdbot.ftp, new

Source: Panda


Nov 6, 2007

Copy protection makes Windows vulnerable

Earlier in October, a vulnerability was found in the Macrovision SafeDisc copy protection (it affects the XP and Server 2003 operating systems).

The driver suffers from a corruption error, which means that an attacker can get access to the kernel and take over the computer completely.

Exploiting that vulnerability probably requires the victim to open a malicious file attachment via instant messenger or email.

Microsoft has released a security advisory regarding the issue, even though the problem is in third-party software.

Macromedia has released a patch for it, and Microsoft will release its own fix in the November security bulletin.


QuickTime 7.3 released

The new QuickTime 7.3 is now available for both Mac and Windows.

Seven vulnerabilities have been fixed; six of them involve the user being lured into opening a dangerous picture or video file.

The last vulnerability is related to QuickTime for Java.


Nov 2, 2007

Firefox 2.0.0.9 released

Firefox 2.0.0.9 was released yesterday.

This release corrects problems that were found in Firefox 2.0.0.8.

Download Firefox
