Forum Moderators: incrediBILL

Firefox - Zero day exploit on Nobel Peace Prize website

This one is dangerous says Mozilla

     
12:47 am on Oct 27, 2010 (gmt 0)

Senior Member from US 

tangor

joined:Nov 29, 2005
posts:6964
votes: 385


Install NoScript or turn Javascript off for this site (and possibly others)...

Malicious hackers have exploited an unpatched vulnerability in the latest version of Firefox to attack people visiting the Nobel Peace Prize website, a Norway-based security firm said on Tuesday.

Mozilla representatives confirmed a "critical vulnerability" in versions 3.5 and 3.6 of the open-source browser. It came several hours after the organization members were said to have made the same admission on this password-protected Bugzilla page.

According to Einar Oftedal, a detection executive at Norman ASA in Oslo, the official website for the Nobel Peace prize, nobelpeaceprize . org, was compromised so that it contained an iframe link to a malicious server.

[theregister.co.uk...]
2:49 am on Oct 27, 2010 (gmt 0)

Senior Member

sgt_kickaxe

joined:Apr 14, 2010
posts:3169
votes: 0


Turn javascript off... and kiss adsense earnings goodbye too.

Javascript is getting some bad press of late, time to write an "if javascript turned off do such and such" script so your site doesn't lose ad revenue. I'm already seeing near 10% of my traffic having javascript off this month, according to analytics, but I don't know how much of that 10% is bots etc. 10% is already a lot.

edit: Link to incredibill post on "noscript" to avoid earnings loss related to having javascript turned off - [forums.searchenginewatch.com...]

[edited by: Sgt_Kickaxe at 3:00 am (utc) on Oct 27, 2010]

2:57 am on Oct 27, 2010 (gmt 0)

Administrator from JP 

bill

joined:Oct 12, 2000
posts:14786
votes: 86


Turn java off

ahem...it's JavaScript, not Java. They are two very different things that unfortunately have similar names.
8:02 am on Oct 27, 2010 (gmt 0)

Junior Member

5+ Year Member

joined:Apr 15, 2009
posts:148
votes: 0


"...vulnerability in Firefox to force end users to install malware ... The Windows executable was created on Sunday..."

Looks like it's only JavaScript on FF on Windows?
8:14 am on Oct 27, 2010 (gmt 0)

Senior Member from US 

tangor

joined:Nov 29, 2005
posts:6964
votes: 385


Turn java off


ahem...it's JavaScript, not Java. They are two very different things that unfortunately have similar names.


bill... nobody is talking about Java!

Heck, nobody even has to have that installed! (I don't, for example)...
9:13 am on Oct 27, 2010 (gmt 0)

Administrator from JP 

bill

joined:Oct 12, 2000
posts:14786
votes: 86


bill... nobody is talking about Java!

Sgt_Kickaxe edited his post. It was quite different before. ;)
9:51 am on Oct 27, 2010 (gmt 0)

Senior Member from US 

tangor

joined:Nov 29, 2005
posts:6964
votes: 385


bill...

Apologies! (knew you knew better, shoulda kept mouth shut etc. ...)

Now I have egg on face! Thanks!

Somebody throw me a towel... or some Tabasco...
10:32 am on Oct 27, 2010 (gmt 0)

Junior Member

5+ Year Member

joined:Sept 8, 2009
posts:95
votes: 0


China -.-
5:44 pm on Oct 27, 2010 (gmt 0)

New User

5+ Year Member

joined:Mar 1, 2007
posts:14
votes: 0


The catch 22 is NoScript is one of the few ways to stay protected on the web.
7:07 pm on Oct 27, 2010 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 11, 2004
posts:582
votes: 0


Agreed r4bet, chances are China is behind this. Hilarious in a sickening way.
7:13 am on Oct 28, 2010 (gmt 0)

Administrator

phranque

joined:Aug 10, 2004
posts:10553
votes: 12


china

maybe related to liu xiaobo?
11:58 pm on Oct 28, 2010 (gmt 0)

Senior Member from US 

tangor

joined:Nov 29, 2005
posts:6964
votes: 385


I think FF has issued a patch... there was something that came through early morning/last night, but dang it I was tired and not paying attention when I clicked RESTART FIREFOX FOR UPDATES... Will go take a look, but if anyone has that info, please post... The Mozilla guys seem to take these exploit things very seriously.
12:21 am on Oct 29, 2010 (gmt 0)

Senior Member

tedster

joined:May 26, 2000
posts:37301
votes: 0


They did fix a critical 0-day exploit in the just released version 3.6.12 - not sure if it is THE 0-day exploit or not, but I think so.

Fixed in Firefox 3.6.12
MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion

[mozilla.org...]

[bugzilla.mozilla.org...] has the Bug Report from 2010-10-25