Trojan targeting FF

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
snip:
========
An identity-stealing keylogger that disguises itself as a Firefox
extension and installs silently in the background was discovered
Tuesday by security vendor McAfee.
===========

Full article:
http://news.yahoo.com/s/cmp/20060726/tc_cmp/191101268


Re: Trojan targeting FF

According to mozillaZine Firefox 1.5.0.5 Final is scheduled to be
released today (and Thunderbird 1.5.0.5 the day after tomorrow). This
will be most likely the last update that version 1.5 will see before
the release of version 2.0.

Quote -
According to the Firefox 1.5.0.5 schedule, the planned release dates
for Firefox 1.5.0.5 and Thunderbird 1.5.0.5 are Tuesday 25th July and
Thursday 27th July respectively. All users will be encouraged to update
to these maintenance releases, which will include security and
stability updates but no new features.


And it seems that this is correct. Everything looks ready for the
release.

The Release Notes page is ready. (link)
The release folder is on the FTP and it already has the update versions
(link) (Freeware)

View: Firefox 1.5.0.5 Release Notes
News source: mozillaZine
{http://www.neowin.net/index.php?act=view&id=34264 }


Re: Trojan targeting FF


| According to mozillaZine Firefox 1.5.0.5 Final is scheduled to be
| released today (and Thunderbird 1.5.0.5 the day after tomorrow). This
| will be most likely the last update that version 1.5 will see before
| the release of version 2.0.
|
| Quote -
| According to the Firefox 1.5.0.5 schedule, the planned release dates
| for Firefox 1.5.0.5 and Thunderbird 1.5.0.5 are Tuesday 25th July and
| Thursday 27th July respectively. All users will be encouraged to update
| to these maintenance releases, which will include security and
| stability updates but no new features.
|
| And it seems that this is correct. Everything looks ready for the
| release.
|
| The Release Notes page is ready. (link)
| The release folder is on the FTP and it already has the update versions
| (link) (Freeware)
|
| View: Firefox 1.5.0.5 Release Notes
| News source: mozillaZine
| {http://www.neowin.net/index.php?act=view&id=34264 }

http://www.ciac.org/ciac/bulletins/q-258.shtml

Q-258: Mozilla (now SeaMonkey), Firefox, Thunderbird Security Vulnerabilities
[Mozilla Foundation Security Advisory 2006-48]
July 27, 2006 17:00 GMT
--------------------------------------------------------------------------------

PROBLEM: There are several security vulnerabilities in Mozilla (now SeaMonkey):
1) JavaScript new Function race condition;
2) Memory corruption with simultaneous events; and
3) Code execution through deleted frame reference.

PLATFORM: Firefox 1.5.0.5
SeaMonkey 1.0.3
Thunderbird 1.5.0.5

DAMAGE:
1) JavaScript garbage collection deleted a temporary variable still being used
in the
creation of a new Function object. The resulting use of a deleted object may be
potentially
exploitable to run native code provided by the attacker;
2) A memory corruption error within the handling of simultaneously happenind
XPCOM events,
which leads to use of a deleted timer object. This generally results in a crash
but
potentially could be exploited to execute arbitrary code on a user's system when
a malicious
website is visited; and
3) A JavaScript reference to a frame or window was not properly cleared when the
referenced
content went away, and a deleted object could be used to execute native code
supplied by the
attacker.

SOLUTION: Upgrade to the appropriate version.

--------------------------------------------------------------------------------

VULNERABILITY
ASSESSMENT: The risk is MEDIUM. The attacker could execute arbitrary code.

--------------------------------------------------------------------------------

LINKS:
  CIAC BULLETIN: http://www.ciac.org/ciac/bulletins/q-258.shtml
  ORIGINAL BULLETIN: Mozilla Foundation Security Advisory 2006-48
   http://www.mozilla.org/security/announce/2006/mfsa2006-48.html
  ADDITIONAL LINKS: Mozilla Foundation Security Advisories 2006-46 & 2006-44
   http://www.mozilla.org/security/announce/2006/mfsa2006-46.html
   http://www.mozilla.org/security/announce/2006/mfsa2006-44.html
  CVE: CVE-2006-3803 CVE-2006-3113 CVE-2006-3801


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Trojan targeting FF


Quoted text here. Click to load it

It'd be nice if they'd reword that.  Should say

Fixed in: Firefox 1.5.0.5
          Thunderbird 1.5.0.5
          SeaMonkey 1.0.3

<http://www.mozilla.org/security/announce/2006/mfsa2006-44.html>
<http://www.mozilla.org/security/announce/2006/mfsa2006-46.html>
<http://www.mozilla.org/security/announce/2006/mfsa2006-48.html>

--
Q

Re: Trojan targeting FF


|
Quoted text here. Click to load it
|
| It'd be nice if they'd reword that.  Should say
|
| Fixed in: Firefox 1.5.0.5
|           Thunderbird 1.5.0.5
|           SeaMonkey 1.0.3
|
| <http://www.mozilla.org/security/announce/2006/mfsa2006-44.html>
| <http://www.mozilla.org/security/announce/2006/mfsa2006-46.html>
| <http://www.mozilla.org/security/announce/2006/mfsa2006-48.html>
|

That DID confuse me  :-(

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Site Timeline