This is cross-platform. ” Security researchers have proposed several methods for users to protect their computers from ongoing attacks that target a new and yet-to-be-patched vulnerability in all versions of Java Runtime Environment 7.…“The new vulnerability is considered extremely critical and can be exploited to execute malicious code on a system by simply visiting a maliciously crafted Web page from a Web browser that has the Java plug-in enabled… “ Source: PCWorld Business CenterMore Six Ways to Protect Against the New Actively Exploited Java Vulnerability
Security
“Attackers are targeting a patched bug in Adobe Flash Player spread via malicious Microsoft Word documents. The attacks are focused on CVE-2012-1535, a remote code execution vulnerability that impacts Windows, Macs and Linux systems. Adobe Systems patched the flaw Aug. 14 in a regular security update. However, attackers are still on the lookout for unpatched computers. If exploited, the bug can be used to enable an attacker to take control of the compromised machine. According to Symantec, attackers have been targeting the flaw for the past couple of weeks using malicious Word documents. The Word files came in emails with…
Mozilla announced earlier today they have added older (older than 5.1.0) versions of Microsoft’s Silverlight Plugin to the Plugins blocklist for Mac OS X (no word yet if this will be extended to include Windows users). Unlike the recent JAVA plugin blocking, this plugin block is not due to a security volunerabitly. Instead, these older versions of Silverlight are causing stability issues including crahses on Microsoft’s Hotmail site. Users are urged to check to ensure they are running a more recent version of Silverlight (as well as other plugins such as JAVA and Flash/Shockwave) and check the status of their…
Users should ensure sure they have the most recent versions of Java Runtime Environment (JRE) and Java Developers Kit (JDK) plugins (note not all users may be using these plug-ins). Due to an increasingly exploited voluntarily found in the older versions of JRE and JDK plugins Mozilla is actively blocking outdated versions of these plugins. This vulnerability—present in the older versions of the JDK and JRE—is actively being exploited, and is a potential risk to users. To mitigate this risk, we have added affected versions of the Java plugin (Version 6 Update 32 and below as well as Version 7…
ALERT: As of version 15 released on August 29th, Waterfox now comes with bloatware and will attempt to install said bloatware without your knowledge or permission. Read more: Waterfox 15 & AVG. Linux and Mac users have enjoyed having a 64-bit versions of Firefox available to them for nearly the past two years. However, for us Windows users, Mozilla has been teasing us and/or dragging their feet with 64-Bit Firefox. As a point of clarification I should say that there has been since Firefox 4 (may be even further back) 64-bit Windows builds on the Nightly Developmental channel. These are not official releases and have never made…
Just updated my plugins on my main machine as advised in our post yesterday. When I ran the Adobe Flash Installer,I was asked about how to install updates then when it went to install I noticed it was also installing McAfee Security Scan Plus. I canceled the install (which also deletes the installer file) and went back into Firefox and re-downloaded the installer. Upon running again the first screen was the prompt about how to install updates and then clicking next (or was it continue) takes me to the installation. While it is not unusual for these plugins to come with bloatware,…
Check your other plugins while you are at it. [https://www.mozilla.org/en-US/plugincheck/] ” Computerworld – Adobe today patched seven critical vulnerabilities in Flash Player — the fifth security update so far in 2012 — and released a sandboxed plug-in for Mozilla’s Firefox.The company also released the “silent update” tool for OS X, and said it had prepped Flash for the upcoming OS X 10.8, aka Mountain Lion, by signing its code, a requirement if users are to install software downloaded from sources other than Apple’s own Mac App Store… “ June 8, 2012 Source: Computerworld Adobe patches critical Flash bugs, ships sandboxed plug-in…
April 23, 2012 Summary: A new Flashback Trojan has been discovered that infects Macs without prompting the user for a password. If you haven’t updated Java on your Mac, or disabled it entirely, you could be a victim. “ Source: ZDNet More New Flashback variant silently infects Macs
The FBI is warning that hundreds of thousands of individuals could lose access to the internet come July 9 unless they disinfect and remove a malware Trojan off their computers.DNS Changer can infect both Windows and Mac systems. Linux users are safe, as are those using iPhones, iPads, Android devices and other systems… “ 4/23/2012 | Source: Forbes More FBI: Disinfect Your Computer Or Risk Losing Internet Access Come July
Mozilla developers are working on a new Firefox feature that will block the automated display of plug-in-based content like Flash videos, Java applets or PDF files, and will protect users from attacks that exploit vulnerabilities in browser plug-ins to install malware on their computers.Known as “click to play,” this feature has been present in the popular NoScript Firefox security extension for many years, as well as in other browsers like Google Chrome and Opera… “ Source: PCWorld Business CenterMore Upcoming Firefox Click-to-play Feature Will Stop Automated Plug-in Exploits