Mozilla Product Updates Released

Mozilla have released updates to Firefox and Seamonkey browsers and Thunderbird email client to address a bunch of vulnerabilities of which seven categorized as critical, four as high and six as moderate.

Affected products are:
- Mozilla Firefox earlier than 24.0
- Mozilla Firefox ESR earlier than 17.0.9
- Mozilla Thunderbird earlier than 24.0
- Mozilla Thunderbird ESR earlier than 17.0.9
- Mozilla SeaMonkey earlier than 2.21

Links to the security advisories with details about addressed security issues:
MFSA 2013-92 GC hazard with default compartments and frame chain restoration
MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
MFSA 2013-90 Memory corruption involving scrolling
MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
MFSA 2013-87 Shared object library loading from writable location
MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers
MFSA 2013-85 Uninitialized data in IonMonkey
MFSA 2013-84 Same-origin bypass through symbolic links
MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
MFSA 2013-81 Use-after-free with select element
MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed
MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
MFSA 2013-78 Integer overflow in ANGLE library
MFSA 2013-77 Improper state in HTML5 Tree Builder with templates
MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)


Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Symantec Intelligence Report: August 2013

Symantec have published their Intelligence report that sums up the latest threat trends for August 2013.

Report highlights:
- So far this year, 82 percent of all social media attacks have been fake offerings. This is up from 56 percent in 2012
- There were 213 new mobile malware variants discovered this month, a modest increase since July, but nowhere near the 504 variants saw in June
- The .pl top-level domain from Poland comprised almost 48% of spam-related domains in August, topping the list two months in a row

The report (in PDF format) can be viewed here.

Vulnerability In Internet Explorer

There has been found a vulnerability (CVE-2013-3893) in Microsoft Internet Explorer that may allow an attacker to execute arbitrary code in vulnerable system. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Internet Explorer 8 and 9 versions. However, the issue affects all Internet Explorer versions from 6 to 11.

At the moment, there is no patch released against the vulnerability. About workarouds can be read here.

WordPress 3.6.1 Released

There's been released a new version of WordPress which contains updates to security vulnerabilities and also some security hardening. More information can be read from WordPress blog.

Adobe Flash Player And Adobe AIR Updates Available

Adobe have released updated version of their Flash Player . The new version fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:

- Users of Adobe Flash Player 11.8.800.94 and earlier versions for Windows should update to Adobe Flash Player 11.8.800.168

- Users of Adobe Flash Player 11.8.800.94 and earlier versions for Macintosh should update to Adobe Flash Player 11.8.800.168

- Users of Adobe Flash Player 11.2.202.297 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.310

- Users of Adobe Flash Player 11.1.115.69 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.81 (applicable only for Flash Player installed before August 15, 2012)

- Users of Adobe Flash Player 11.1.111.64 and earlier versions for Android 3.x and 2.x versions should update to Flash Player 11.1.111.73 (applicable only for Flash Player installed before August 15, 2012)

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 10 will be updated via Windows Update

- Users of Adobe AIR 3.8.0.870 and earlier versions for Windows and Android should update to Adobe AIR 3.8.0.1430

- Users of Adobe AIR 3.8.0.910 and earlier versions for Macintosh should update to Adobe AIR 3.8.0.1430

- Users of the Adobe AIR 3.8.0.870 SDK and earlier versions for Windows should update to the Adobe AIR 3.8.0.1430 SDK

- Users of the Adobe AIR 3.8.0.910 SDK and earlier versions for Macintosh should update to the Adobe AIR 3.8.0.1430 SDK


More information can be read from Adobe's security bulletin.

Adobe Reader And Acrobat Security Updates

Adobe have released security updates to fix a bunch of vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat.

Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.03 and earlier
Adobe Acrobat 11.0.03 and earlier

*of series X (10.x)
Adobe Reader 10.1.7 and earlier
Adobe Acrobat 10.1.7 and earlier


Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.

Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard, Pro and Extended


More information about fixed vulnerabilities can be read from Adobe's security bulletin.

Shockwave Player Update Available

Adobe have released an updated version of their Shockwave Player. The new version fixes one security vulnerability that may allow an attacker to run arbitrary code on the affected system. The update is categorized as critical with priority level as 1.

Users of Adobe Shockwave Player 12.0.3.133 and earlier should update to Adobe Shockwave Player 12.0.4.144.

More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.

Microsoft Security Updates For September 2013

Microsoft have released security updates for September 2013. This month update contains 13 security bulletins of which four critical and nine important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Hesperbot Banking Trojan

There has been discovered a new banking trojan that seems to target online banking users mainly in Turkey, the Czech Republic, Portugal and the United Kingdom. This Hesperbot named trojan uses very credible-looking phishing-like campaigns, related to trustworthy organizations, to lure victims into running the malware.

"Despite being a “new kid on the block”, it appears that Win32/Spy.Hesperbot is a very potent banking trojan which features common functionalities, such as keystroke logging, creation of screenshots and video capture, and setting up a remote proxy, but also includes some more advanced tricks, such as creating a hidden VNC server on the infected system. And of course the banking trojan feature list wouldn’t be complete without network traffic interception and HTML injection capabilities. Win32/Spy.Hesperbot does all this in quite a sophisticated manner."

More about Hesperbot can be read in Robert Lipovsky's blog post.

ESET Global Threat Report for August 2013

ESET have published a report discussing global threats of August 2013.

TOP 10 threats list (previous ranking listed too):

1. HTML/Iframe (5.)
2. WIN32/Bundpil (1.)
3. HTML/ScrInject (2.)
4. Win32/Sality (4.)
5. INF/Autorun (3.)
6. Win32/Conficker (7.)
7. Win32/Dorkbot (7.)
8. Win32/Ramnit (9.)
9. Win32/Qhost (10.)
10. Win32/Virut (-)


Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).