Within hours of Apple's public release of the beta for Safari 3.0 for Windows, three security researchers independently found holes in the new browser. In a blog post, researcher Aviv Raff highlighted the company's product statement, which reads: "Apple's engineers designed Safari to be secure from day one." Using publicly available fuzzing tools, Raff found a vulnerability within three minutes: a memory corruption error that could allow an attacker to insert malicious code on a Windows machine.
On this week's Security Bites podcast, I asked Robert Hansen, aka RSnake, the security researcher who disclosed the man-in-the-middle attack on the Google Desktop last week, what readers can do to avoid becoming a victim.
Hansen said: "They could turn off the integration between Google Desktop and the Web. Or they could wait for a patch to come out, which I'm sure there will be. Or my favorite answer is to uninstall the Google Desktop entirely.
"I'm not exactly quick to tell people to stop using applications, but Google Desktop's had, like I said (…
Yahoo has issued a critical security patch for Messenger to address zero-day exploits that take advantage of vulnerabilities in its Webcam ActiveX controls.
The instant messaging exploits surfaced Wednesday, less than 24 hours after the vulnerabilities were first reported to Yahoo by eEye Digital Security.
People could find their systems at risk if they visit malicious Web sites or view other malicious HTML code. The attackers could then exploit security flaws in the Yahoo Webcam ActiveX control, a software package that is downloaded with Messenger.…
At least two sets of exploit code have been posted on the Internet for the security flaws in Yahoo Messenger 8 first disclosed on Wednesday by the security vendor eEye on Tuesday. The two exploits were posted on the Full Disclosure mailing list on Wednesday. One set of code shows how to cause a buffer overflow in the Webcam ActiveX component. Another causes a buffer overflow in the viewer ywcvwr.dll. Both exploits were written by Danny.
These days, criminal enterprises don't just want to steal your Outlook contact list; they want to own your computer, and they will download a remote-access Trojan horse at the first available opportunity. Within the last six months, Symantec has seen the number of these "bot" infections increase 29 percent over the previous six months. That's why Symantec is rushing to market a new application it is calling Norton AntiBot.
While most antivirus applications today provide adequate protection against spyware and malware, once these are removed, your machine is vulnerable to new and different variations of the …
After finishing dead last in a comparative antivirus test, Microsoft Windows Live OneCare recently garnered some positive press. The latest tests performed by AV-Comparatives.org seem to show an improvement, with OneCare moving up two places. While OneCare is certified by West Coast Labs and ICSA, it is the competitive independent antivirus testing results that mean more in terms of how well a product performs in the real world against real malware. Thus, some might argue that things are looking up for the nascent Redmond antimalware team.
That's until you look closer at the tests. AV-Comparatives performed two different …
A number of highly critical security flaws have been found in the latest version of Yahoo Messenger, which could allow attackers to gain remote access to users' systems, according to a security advisory issued by eEye Digital Security.
The vulnerabilities affect Yahoo Messenger versions 8.1 and 8.0, running on Windows, eEye stated in its "upcoming advisories."
Although eEye does not disclose extensive details about vulnerabilities until the respective vendor develops a patch, the security researcher did note that the Yahoo IM flaws require little user interaction for an attacker to exploit.
"It's the …
It is common knowledge that IT security is made up of isolated security islands that don't talk to each other and must be managed on a one-off basis.
Why is this? Best I can figure is that it is a historical combination of budget and behavior. Security budgets are notoriously tight, so tools tend to be brought in on an as-needed basis. As for behavior, security professionals grew up with a "best of breed" mindset. If security widgets 1 and 2 are deemed to be the best products available, they buy them. Security benefits tend to trump …
In the wrong hands, could Google Earth become a weapon of mass destruction? That question has been floated in the aftermath of last week's FBI apprehension of four suspects charged with attempting to explode oil pipelines at New York's John F. Kennedy airport.
At a press conference announcing three of the arrests, FBI officials said one of the plotters, Abdul Kadir, directed his associates to consult Google aerial images of Kennedy Airport as they went about their planning. Inevitably, this raised questions about whether the various online mapping services offered by the likes of Google, Yahoo and …
Security researcher Robert Hansen, aka RSnake, has published details of a new attack on Google Desktop. Basically, Hansen found a man-in-the-middle attack, this time placing an attacker between Google and someone launching a desktop search query. From this position, the attacker is able to manipulate the search results and possibly take control of other programs on the desktop.