Patches are out for Firefox, Seamonkey and Thunderbird to resolve vulnerabilities that would allow credential theft, information disclosure, and arbitrary code execution
These issues are present in:
Firefox 3.0.3 and prior
Firefox 2.0.0.17 and prior
Thunderbird: 2.0.0.17 and prior
SeaMonkey 1.1.12 and prior
Archive for November 2008
Firefox/Seamonkey/Thunderbird Vulnerabilities
Google Docs Viagra Spam
I was going through my Cox inbox and found Viagra spam with a link to http://doc.google.com/View?id=dfpqm7ft_0tt6xhdd2.
Its nothing new that spammers have been taking advantage of Google. Its just kind of annoying to me that this message was sent on October 30th, today is November 10th and the linked Viagra Google doc is still up (“consult a physician if the link stays up longer than 4 weeks”). Am I to believe that no one has reported this link to Google?
The paranoid part of me wonders if when I went to the link Google Docs helpfully checked my Google cookie and provided my Google email address to the spammer who previously only had my Cox email. Next time I’m clearing cookies and using a safer browser when following unsafe links. But I digress, the real point here is Google is woefully slow in responding to spam compared to Yahoo. What’s up Google? use some of that 20 percent time to stop hosting spammers.
Adobe Exploit in the wild
Exploit code has been seen in the wild for the vulnerability patched by version 8.1.3 for Adobe Reader and Acrobat.
http://www.us-cert.gov/current/index.html#adobe_reader_exploit_circulating
https://forums.symantec.com/syment/blog/article?blog.id=vulnerabilities_exploits&thread.id=176
http://feeds.feedburner.com/~r/zdnet/security/~3/445697063/
http://isc.sans.org/diary.php?storyid=5312&rss
Adobe Acrobat and Reader 8 Security Updates
Adobe has released 8.1.3 to resolve multiple security issues in Adobe Acrobat and Reader 8.1.2 and earlier.
LINK
W32.Kernelbot.A
Symantec Virus Definitions
- ————————–
LiveUpdate Plus: 11/03/08 v.025
LiveUpdate Daily: 11/03/08 v.025
LiveUpdate Weekly: 11/05/08
Intelligent Updater: 11/03/08 v.021
Summary
- ——-
W32.Kernelbot.A is a worm that spreads by exploiting the MS08-067 vulnerability
and through file sharing networks. It may also download files on to the compromised computer.
References
- ———-
Sophos W32.Kernelbot.A
http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110315-4059-99
The Doors
At work the doors at the elevator lobby on each floor (other than the first and the cellar) started being propped open. I never saw any official notice that this was an authorized action rather than a rogue one. Scuttlebutt around the office was that someone had put in a suggestion to have the doors propped open. The doors were propped each morning and then unpropped at night (our floor doors are only alarmed at night).
The suggestion box. A method whereby a person can take a few minutes to write an anonymous bag of excrement, light it on fire, ring the doorbell and run away without consequence. Better yet, the suggestion box goes to the CEO, so the victims of the suggestion have to spend hours coming up with a reason why the suggestion sucks and they risk appearing resistive to change.
No one could quite agree on the reason for the doors being propped open. I believe the real suggestion was “the doors are heavy and when I’m carrying a laptop its difficult to open the door.” The other theories were funny but for whatever reason, I found myself very annoyed that the elevator bell could now be heard clearly from my office. The loud cell phone talkers who once gathered in the elevator lobby, now disturbed my work as well.
I had my own list of reasons the elevator door should not be propped open. I never bothered to put in my own suggestion that the elevator lobby doors shouldn’t be propped. Instead I just waited for the next inspection by fire marshall and let him do the dirty work. The doors are no longer propped.
