Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: 'State-sponsored attackers' using IE zero-day to hijack GMail accounts


14 Jun 2012   #1

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 
'State-sponsored attackers' using IE zero-day to hijack GMail accounts

Quote:
'State-sponsored attackers' using IE zero-day to hijack GMail accounts
Quote:



By Ryan Naraine

June 13, 2012, 9:36am PDT


Summary: Microsoft’s advisory speaks of “active attacks” and follows a separate note from Google that references the IE flaw “being actively exploited in the wild for targeted attacks.”


Microsoft and Google have separately warned about a new Internet Explorer zero-day being exploited to break into GMail accounts.


The browser flaw, which is currently unpatched, expose Windows users to remote code execution attacks with little or no user action (drive-by downloads if an IE users simply surfs to a rigged site).

see full report


My System SpecsSystem Spec
.

14 Jun 2012   #2

Windows 7 Professional 64bit SP1
 
 

This is why I use Firefox.
My System SpecsSystem Spec
14 Jun 2012   #3

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

Do not kid yourself! When going to check the free to try version of a new program I clicked the link for an option and before the av program's web filtering could act the new window slammed some "Mission Impossible to Remove" type addon toolbar on the 64bit flavor of FireFox! WaterFox

Think you are 100% safe with any browser? Guess again! Start thinking "Internet Security" regardless of which browser(s) you use.
My System SpecsSystem Spec
.


15 Jun 2012   #4

Windows 7 pro 64bit. (SP1)
 
 

Quote   Quote: Originally Posted by asteidl View Post
This is why I use Firefox.
Night hawk speaks true.
there is no browser that is 100% safe..

i have seen very nasty infections in firefox users computers..
and some of them still believed firefox is safe there is no way to get infected..
My System SpecsSystem Spec
15 Jun 2012   #5

Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 17 MATE (64 bit)
 
 
NoScript

You should run Firefox in conjunction with NoScript.

I can't remember the last time something got into my PC (in XP or Windows 7).
My System SpecsSystem Spec
15 Jun 2012   #6

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

That's an addon for FF from https://addons.mozilla.org/en-US/fir...ipt/developers It goes on the 64bit flavor of the browser as well namely WaterFox.

Back in 2008 one article graded IE, FF, and Safari. The grades were: "Qualitative score: Firefox gets a D, Safari an F, and IE a D" Browser Security: IE vs. Safari vs. Firefox - Datamation

The golden rule is nothing is ever 100% safe!
My System SpecsSystem Spec
16 Jun 2012   #7

Windows 7 Professional 64bit SP1
 
 

While I admit that no browser is perfect, I think I was just trying to say that security is a reason I use FF. (currently using 16.0a1 Nightly). I'd rather trust a global volunteer community. Which means that while I enjoy using Windows, given the opportunity, I'll do my work in a nix environment, and keep Windows for gaming.

Not trying to begin a debate here.
My System SpecsSystem Spec
16 Jun 2012   #8

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

At one time you could say going FF was the smart move since IE 6 was a security nightmare to begin with! It simply saw too many exploits to be usable! But with the delays in Vista being released IE 7 came along late which cleaned a number of those vulnerabilities seen with 6. IE 8 topped over 7 faster.

Unfortunately it doesn't take too long for malware writers to come out with new tricks at getting past any browser especially those that are popular! Malware writers love "popular" anything since that's their main targets! With the 64bit WaterFox on one site planted that toolbar on where even the WaterFox folder was removed before seeing another clean install of the browser only to see that same unwanted tool bar back! Once FF was removed along with WF a second time the folders for each were dumped to see a 3rd WaterFox install without the tool bar!

Despite having caught that with the 64bit version having an entirely separate folder to start with in the "C:\Program Files\" directory the bug was placed where? Right in the "C:\Program Files(x86)\Mozilla\FireFox\" folder very cleverly! It targeted the 32bit FF from the start! So is FF so much safer then IE or any other browser one could ask?

The answer to that is "NO!"! The old 2008 article says it all with all seeing failing grades! Despite all the improvements claimed to be seen with each newer version the best security is getting behind a good firewall with an effective web filtering as well as for FF anyways the "NoScript" addon available. That will act much like a firewall by having the options to allow certain or all on any site.

Another tool for both IE and FF is the "WOT" Web Of Trust addon. If you register you then have access to the parental controls available which can help weed out bad sites. But you will notice all these are additional layers not included with any particular browser to start with.
My System SpecsSystem Spec
17 Jun 2012   #9

Windows 7 Home Premium 32bit
 
 

Looks like one needs to have one computer specifically for web browsing and email and another one not connected to the network at all to get real work done. Any transfer between them must be performed on a third computer especially setup to deal with network issues and to deny access to the bad stuff. Even then, it is not 100% "safe" so that you can do any stupid thing without having any consequence. Ultimately, security is dependent upon the person in front of the computer doing stuff. That person must know what he is doing and the consequence of any of his actions. Then he must be willing to be responsible for the result.

People who don't know what they are doing and want to be able to do any random stupid thing and be protected from his stupidity deserves to get burned.
My System SpecsSystem Spec
17 Jun 2012   #10

Windows Seven, Ubuntu
 
 

The major problem with Explorer is that you can't selectively block Java script and flash. It's all or nothing. With Firefox and noscript I can block on a site by site, script by script basis. Java and flash are the areas where you are most susceptible to all of these exploits.
My System SpecsSystem Spec
Reply

 'State-sponsored attackers' using IE zero-day to hijack GMail accounts




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 10:39 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33