Posts

Showing posts from July, 2009

Mozilla Firefox 3.5 Vulnerability

US-Cert announce yesterday that FireFox 3.5 has a critical vulnerability that could allow a remote attacker to execute malicious code. Mozilla is currently working on a fix.Below is from US-CERTUS-CERT is aware of reports of a vulnerability affecting Mozilla Firefox 3.5. This vulnerability is due to an error in the way JavaScript code is processed. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Additionally, exploit code is publicly available for this vulnerability.

US-CERT encourages users and administrators to disable JavaScript as outlined in theSecuring Your Web Browser document to help mitigate the risks associated with this vulnerability.

US-CERT will provide additional information as it becomes available. See http://www.us-cert.gov/current/index.html#mozilla_firefox_3_5_vulnerabilityand http://www.informationweek.com/news/internet/security/showArticle.jhtml?articleID=218500486&cid=RSSfeed_IWK_All

Microsoft Office Move To Web

Finally, Google forced Microsoft to release a Office Web. This is a good move, but personally, I still prefer local version. I am still paranoid about saving my data over an unreliable Internet, the reliability of data server, etc..... But, it will definite benefit many people.

Abstracts From Reuters

Microsoft Corp will release three versions of its dominant Office software that users can access over the Web. Microsoft will offer for free to consumers Web-based versions of its Office suite of programs, including a word processor, spreadsheet, presentation software and a note-taking program. Microsoft will release the web offerings when it starts selling Office 2010.

Microsoft Video ActiveX Control Vulnerability in IE

US-Cert has announce that there is a ActiveX control vulnerability that could allow remote code execution in IE

http://www.us-cert.gov/cas/techalerts/TA09-187A.html

http://www.microsoft.com/technet/security/advisory/972890.mspx