Posts Tagged 'error'

Safari for Windows vulnerable to exploit

Juan Pablo Lopez Yacubian has discovered two vulnerabilities in Safari, which can be exploited by malicious people to conduct spoofing attacks or potentially compromise a user’s system.

1) An error when downloading e.g. a .ZIP file with an overly long filename can be exploited to cause a memory corruption.

Successful exploitation may allow execution of arbitrary code.

2) An error in the handling of windows can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.

The vulnerabilities are confirmed in version 3.1 for Windows. Other versions may also be affected. (link)

Malicious code everywhere

Sometimes it’s good to be reminded of the dangers of web surfing. Who’s been caught surfing “unfamiliar” sites? Hand up, I see you in the back, come on, be honest. It happens, most of the time we just ignore any odd errors and chalk it up to poor coding. Maybe that error was intentionally coded and maybe you got a virus. Keep your security stuff up to date and stop surfing for porn.

“I got a taste today of the ever present danger that is the Internet. A client of mine is often in the news, so I watch for articles using Google Alerts. Once a day, I’m sent an email listing the new web pages Google found that contain my client’s name. After doing this for well over a year without incident, Google today included a malicious web page in the list of those referencing my client. The page tried to install malicious software on my computer. Hopefully the details of the scam, described below, will educate anyone not yet sufficiently skeptical about life on the Internet.” (link)

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 29 other followers

Technorati – Blog Search

Add to Technorati Favorites

submit express