A flaw allows the takeover of computers browsing with Firefox
According to a Norwegian firm security, hackers exploited a flaw in the Firefox browser to take control of computers that visit the official website of the Nobel Peace Prize.
The Mozilla Foundation has confirmed this vulnerability was rated critical. It affects versions 3.5 and 3.6 of its browser.
According to the company Norman ASA, the site of the famous Prize nobelpeaceprize.org "was first suffered an attack that has to inject an iframe pointing to a malicious server.
This server then issues a variety of exploits targeting (and first) only the Firefox browser. One of the achievements is taking control away from Firefox 3.6.11.
To force the installation of malware, attackers exploited a flaw-type "competitive situation" (in English "race condition"). Attack complex that plays on the execution order of instructions, an order which provides different results.
The malicious Windows executable that is installed and then tries to query multiple internet addresses.
If one of them meets the malware launches Shell and open the socket, and gives the attacker access to the victim's computer with the same rights as the logged user.
Mozilla provides a patch is being prepared to plug this loophole.
Meanwhile, installing NoScript extension is recommended to restrict the execution of JavaScript to trusted sites.
Many analysts see clearly the hand of Beijing in this case.
The attack came just three weeks after the Chinese dissident Liu Xiaobo (described as "criminal" by Beijing), has been crowned winner of the Nobel Peace 2010.
Sources :
WP Personas Themes
The WordPress team collaborate with the designer Chad Pugh for celebrating the release of Firefox 3.6 !
They created two Personas themes.
Here are the two themes
Certificates
Categories
- Ansermot.ch (13)
- Community (99)
- Development (258)
- Misc (24)
- Projects (23)
- Bullet Proof Lib (4)
- FireStats Charts (12)
- WordPress Blog Farmer (4)
- WP Page Qr (3)
- Social (27)
- System (114)