Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

NEWS - January 30, 2013

by Carol~ Jan 30, 2013 7:12AM PST
Firefox Continues to Curb Out-of-Date, Flawed Third-Party Plug-ins

After pushing its "click-to-play" blacklisting function live last fall, Mozilla has announced plans to further implement the security feature in its Firefox browser.

The company is planning to make it so only the most recent version of Flash is automatically run on web pages while users will have to verify if they want to view content on pages that uses plug-ins such as Silverlight, Java and Acrobat Reader.

Specifically, to protect its users, Mozilla plans to block versions of Flash older than 10.2 and the most recent versions of Silverlight, Java and Reader. Users will have to "click-to-play" to allow these plugins to work in their browser and from there, decide if they want them to run regularly.

Click-to-play operates as a blacklist of sorts for Firefox plugins. If a plug-in such as Java is either vulnerable or out of date, Firefox will disable it and require the user to verify whether they'd like to run it. When it comes to certain plug-ins, users can elect to always run them, run them on a page-by-page basis or never run them.

According to a post by Mozilla's Director of Security Assurance Michael Coates on the company's Security Blog yesterday, the change - which has no official timeline - is being done to get users more conscious exactly what's running on their machines.

Continued : https://threatpost.com/en_us/blogs/firefox-continues-curb-out-date-flawed-third-party-plug-ins-013013

Also:
Mozilla pulling plug on auto-running nearly all plugins
Firefox will block by default nearly all plugins
Mozilla to Require 'Click to Play' on Firefox Plugins

Discussion is locked

6 Posts
- Collapse + Expand Details
- Collapse -
Serious security holes fixed in Opera - but Mac App Store..
by Carol~ Jan 30, 2013 8:17AM PST
... users left at risk again

Opera has released a new version of its web browser - version 12.13 - and recommended that users update their installations to benefit from a series of security fixes as well as the usual "stability enhancements".

Version 12.13 of Opera for Windows, Mac and Linux is available for download from the Opera website, and you can read about the fixed security issues (including a high severity vulnerability that could be exploited to cause the web browser to crash, and in some cases execute arbitrary code such as malware, and another about how Opera handles boobytrapped SVG files) in their changelog.

It should go without saying that if you use Opera, you should update to version 12.13 as soon as possible.

But... what if you didn't get your copy of Opera from the official website?

What if, instead, you acquired your version of Opera for Mac from Apple's Mac App Store?

Continued : http://nakedsecurity.sophos.com/2013/01/30/opera-security-mac-app-store/

Additional information:

Updates : Opera 12.13 Released
Vulnerabilities & Fixes: Opera Multiple Vulnerabilities
- Collapse -
Latest VLC version has dangerous hole
by Carol~ Jan 30, 2013 8:18AM PST

The developers of the VLC video player have warned of a crashing bug in the latest 2.0.5 version of the application, which might be exploited to execute arbitrary code. The issue is a problem in the ASF demuxer (libasf_plugin.*), which can be tricked into overflowing a buffer with a specially crafted ASF movie. The developers note that users would have to open that specially crafted file to be vulnerable and advise users to not open files from untrusted third parties or untrusted sites.

Another workaround is to delete the demuxer plugin - found in \VLC\plugins\demux\libasf_plugin.dll on Windows - to disable the vulnerable function. A patch has been developed which replaces the vulnerable macro with static inline code and better bounds checking, and that has been applied to the forthcoming version 2.0.6 release of VLC. Already patched versions of VLC for Windows and Mac OS X are available from the VLC nightlies site, but may have other bugs as they are ongoing development versions.

http://www.h-online.com/security/news/item/Latest-VLC-version-has-dangerous-hole-1794474.html

- Collapse -
New Ransomware Encrypts Victim Data
by Carol~ Jan 30, 2013 8:18AM PST

An unusual new strain of ransomware makes good on its threat, doing what the majority of other varieties only claim to do. The Trojan actually encrypts data on infected machines, effectively rendering certain files inaccessible to users on compromised computers in order to block removal.

This veracious new version of the otherwise well-known police ransomware Trojan is unique but only in the sincerity of its promise. According to a report by Hynek Blinka on the AVG News and Threats blog, most ransomeware campaigns deploy a familiar warning, asserting that some crime has been committed by the user and that the user's machine will remain locked down or encrypted until that user pays the fine associated with their transgression.

In most cases, the malware can be found and subsequently removed without paying the fine (which may or may not resolve the problem anyway). In this case however, Blinka has witnessed the Trojan encrypting images, documents and executables in an attempt to hinder any removal attempts. Whomever is responsible for the malware is not in the business of completely crippling machines, so Windows system files are not included in the forced encryption. Infected computers will still function for the most part, but data will be lost and many third-party programs will not work.

Continued : https://threatpost.com/en_us/blogs/new-ransomware-encrypts-victim-data-013013

- Collapse -
BKA malware shocks victims with child pornography
by Carol~ Jan 30, 2013 8:18AM PST

Ransomware has taken a disturbing step forward by including illegal content in its demands. The German Federal Criminal Police (BKA) are warningGerman language link of a new piece of malware that accuses victims of distributing child pornography and demands payment of a fine. As is typical, the accusation is lent a spurious whiff of officialdom by displaying the logos of the German Federal Office for Information Security (BSI) and the German Society for the Prosecution of Copyright Infringement (GVU) and instructs victims to pay a €100 (approximately £85) fine to unlock their computers.

The new twist is that the malware also displays an child pornography image alongside the typical allegations that the infected computer has been used to distribute child pornography or for terrorist purposes, that it infringes copyright or has been utilised for other criminal acts. The BKA, which is roughly equivalent to the CID in the UK, and the BSI have also pointed out that saving or distributing the image would constitute illegal possession of child pornography.

Continued : http://www.h-online.com/security/news/item/BKA-malware-shocks-victims-with-child-pornography-1793910.html

- Collapse -
Browsers Beat Security Software in Phishing Protection Test
by Carol~ Jan 30, 2013 8:40AM PST

You'd feel bad if a burglar broke into your house and stole your new tablet computer, for sure. But you'd probably feel worse if a slick door-to-door scammer convinced you to hand it over for a "factory recall."

You're smart; you wouldn't fall for that kind of snake oil. However, online scams that create convincing fraudulent websites can trick even smart people. That's why browsers and security suites alike now build in detection to help you avoid fraudulent "phishing" websites. A report released today by Austin-based NSS Labs reveals a surprising result: your browser alone is most likely better at phishing protection than your security suite.

A Short, Nasty Life

Phishing attacks are short-lived. To start, the scammers create a new Web page that perfectly resembles PayPal, or eBay, or your bank's website. Some even scam login pages for Facebook or online gaming. When the page is ready they use spam emails, Facebook scams, and other techniques to put it in front of as many users as possible. Within hours the new phishing URL will be blacklisted, but the scammers can fleece quite a few victims in the meantime.

Continued : http://securitywatch.pcmag.com/none/307527-browsers-beat-security-software-in-phishing-protection-test

Also: Web Browsers Beat Endpoint Products in Blocking Phishing Attacks: Report

- Collapse -
Malware controls 620,000 phones, sends costly messages
by Carol~ Jan 30, 2013 8:41AM PST

A new discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the "Bill Shocker" (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide.

The Bill Shocker is an SDK designed by malware developers that infects several of the most popular apps in China, including Tencent QQ Messenger and Sohu News. The infected versions of these apps are further distributed by third-party online app stores and retail installation channels.

Bill Shocker downloads in the background, without arousing the mobile device owner's suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a "zombie," the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user's bundling quota, which subjects the user to additional charges.

Continued : http://www.net-security.org/malware_news.php?id=2391

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info