Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Zero-Day Firefox Vulnerability Exploited to Distribute Trojan

26 Oct 2010   #1
malexous

Arch Linux 64-bit
 
 
Zero-Day Firefox Vulnerability Exploited to Distribute Trojan

Quote:
Security researchers from Norman have come accross a drive-by download attack exploiting an unpatched Firefox vulnerability in order to infect users with a new trojan.
...
Zero-Day Firefox Vulnerability Exploited to Distribute Trojan - Softpedia


My System SpecsSystem Spec
.
27 Oct 2010   #2
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Also of interest is Graham Cluley's blog, recommending NoScript:
Quote:
Mozilla says it is working on a fix, but in the meantime Firefox users might be wise to turn JavaScript off and use the popular NoScript addon.

NoScript is a great idea - I'd never use Firefox without it, and neither should you.
Firefox hit by critical zero-day vulnerability
My System SpecsSystem Spec
27 Oct 2010   #3
Fayla

Windows 7 Professional 64 Bit SP1
 
 

No script is great

I run my Firefox on a standard user with UAC visualization and DEP enabled on it, along with no script, adblock etc etc.
Quote   Quote: Originally Posted by Corrine View Post
Also of interest is Graham Cluley's blog, recommending NoScript:
Quote:
Mozilla says it is working on a fix, but in the meantime Firefox users might be wise to turn JavaScript off and use the popular NoScript addon.

NoScript is a great idea - I'd never use Firefox without it, and neither should you.
Firefox hit by critical zero-day vulnerability
Thanks for the info OP
My System SpecsSystem Spec
.

27 Oct 2010   #4
malexous

Arch Linux 64-bit
 
 

Firefox 3.6.12 Fixes Critical Security Vulnerability
Quote:
Now that was fast. The Firefox developers have updated the web browser only a day after the discovery of a 0-day vulnerability on the Nobel Prize website targeting Firefox 3.6 Windows installations. The critical vulnerability affected all Firefox 3.6 and 3.5 releases, and allowed the attacker to compromise a system without user interaction or warning messages.

The new versions of the browser are currently distributed to the release servers. It usually takes a couple of hours before the releases are pushed to the users who will receive an update notification once the new version becomes officially available.
...
My System SpecsSystem Spec
27 Oct 2010   #5
EchoX860

Windows 7 Home Premium x64
 
 

So as long as I didn't go to that site I'm fine?
My System SpecsSystem Spec
27 Oct 2010   #6
dobhar

Windows 7 Ultimate
 
 

Cheers for this info...
My System SpecsSystem Spec
27 Oct 2010   #7
CarlTR6

Windows 7 Ultimate 32 bit
 
 

Quote   Quote: Originally Posted by malexous View Post
Quote:
Security researchers from Norman have come accross a drive-by download attack exploiting an unpatched Firefox vulnerability in order to infect users with a new trojan.
...
Zero-Day Firefox Vulnerability Exploited to Distribute Trojan - Softpedia
Good information and this is a good thread. Thanks.
My System SpecsSystem Spec
27 Oct 2010   #8
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Quote   Quote: Originally Posted by EchoX860 View Post
So as long as I didn't go to that site I'm fine?
It was believed that other sites could also be compromised. However, since the update has been released by Mozilla, if it hasn't been offered, click Help > Check for Updates NOW. If you don't have NoScript installed, I advise considering it. NoScript - JavaScript/Java/Flash blocker for a safer Firefox experience! - what is it? - InformAction
My System SpecsSystem Spec
27 Oct 2010   #9
SledgeDG

Windows 7 Ultimate x86
 
 

Just got the update request to 3.6.12 some 20 mins ago...used chrome in the meantime

With NoScript...the only thing that really bothered me, was that with every of the frequent updates, I was redirected to their page and that kept messing with my tabs.

Solution: in the URL bar enter about:config
search for a key named noscript.firstRunRedirection (if it's not there, create it)
and set it to false

-capture.jpg

-DG


My System SpecsSystem Spec
27 Oct 2010   #10
Phone Man

Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
 
 

My System SpecsSystem Spec
Reply

 Zero-Day Firefox Vulnerability Exploited to Distribute Trojan




Thread Tools




Similar help and support threads
Thread Forum
OpenX Vulnerability Exploited to Compromise Multiple Ad Servers
OpenX Vulnerability Exploited to Compromise Multiple Ad Servers - Softpedia
System Security
Critical Adobe Reader Vulnerability Exploited in the Wild
More - Critical Adobe Reader Vulnerability Exploited in the Wild - Softpedia
News
Unpatched Windows Vulnerability Actively Exploited in the Wild
More - Unpatched Windows Vulnerability Actively Exploited in the Wild - Attacks target Windows XP users - Softpedia
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:04.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App