Fasten your seatbelts – Browser vulnerability a day to be announced in July
I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This securityfocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune and did find at least one remotely exploitable vulnerability to gain remote access for each browser tested.
Basically, from security focus…. they’ve used fuzzing tools to test browsers. In the past, fuzzing has been used to test network devices and the attention has been more on servers rather than client application. They’ve found over 50 flaws in Internet Explorer. More background on HD Moore’s details on browser fuzzing can be found here. One of the first two already looks fairly serious…. FRSIRT analysis.
BTW on July 11th Microsoft will no longer provide updates for Windows 98/98SE and ME…. I hope the August updates will address some of these issues (I doubt they’ll have patches in by the July patch day.) Of course, keep in mind it’s NOT JUST Internet Explorer that they’ve found vulnerabilities with. (Although it sounds as though most of them are IE vulnerabilities.)
Popularity: 1% [?]
Related Posts - Other MS patch news as well as a Yahoo vulnerability? Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS... "this is a DoS only issue that was not addressed in......
- Internet Explorer zero-day This time around, the zero day is related to Internet Explorer and activex... (directanimation specifically). Incidents has a good update on the issue. This is a second exploit, there was another at the end of August, MS has an advisory on the issue. I think a safe bet would be......
- Link to Program on Mapped Network Drive not Working - Windows Cannot Access the Specified Path or File Windows XP Home connecting to a file share in a Domain controlled by Windows 2000.... Not quite your recipe for headache free things "just working" I guess, but this is what I've run into. This workstation had a mapped drive connected to a folder on the server which opened in......
Related Websites - Protect Your Privacy on the Web I couldn't help but notice how smart a lot of my visitors are. A full 54% of you are using a browser other than Internet Explorer, with 45% of you choosing Firefox. For those of you with Firefox, I've got a tip. Run, don't walk, and download the TrackMeNot plugin. ......
- Why Choose The Best Web Browser For Online Security Web browser is the prime software to connect yourself to the world wide web. Now most of the companies are increasingly putting more and more services on their website and ask their customer to take active part online. Secured browser means keeping your computer free from the virus, spyware and......
- New Version of Google Toolbar for Firefox When Firefox 3 was officially released, the Google Toolbar was not supported. Of course, that didn't stop me from manually updating the MaxVerison myself so that it would work. Although it didn't take long for Google to release a new version that officially supported Firefox 3, I was disappointed as......
Similar Posts
- 7 Updates coming from Microsoft in July
- Network Security guide for the home or small business network – Part 14 – Alternative software
- Big Windows June update day
- Exploit for Unpatched Internet Explorer vulnerability
- 3 Critical Microsoft Updates, 1 Important, 1 Moderate and 1 re-released