7/27/2006
- Mozilla Firefox 1.5.0.5 Released
Firefox
1.5.0.5 is now available. The following security fixes are
included:
MFSA
2006-56 chrome: scheme loading remote content
MFSA
2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5)
MFSA 2006-54
XSS with XPCNativeWrapper(window).Function(...)
MFSA
2006-53 UniversalBrowserRead privilege escalation
MFSA
2006-52 PAC privilege escalation using Function.prototype.call
MFSA
2006-51 Privilege escalation using named-functions and
redefined "new Object()"
MFSA
2006-50 JavaScript engine vulnerabilities
MFSA
2006-48 JavaScript new Function race condition
MFSA
2006-47 Native DOM methods can be hijacked across domains
MFSA
2006-46 Memory corruption with simultaneous events
MFSA
2006-45 Javascript navigator Object Vulnerability
MFSA
2006-44 Code execution through deleted frame reference
The
1.5.0.5 is currently availble via the 'Help' menu in Firefox,
or from Mozilla's
site.
7/26/2006
- Malware Evolution: Mac OS X Vulnerabilities 2005-2006
YAMMA
(Yet Another Mac OS X Malware Article). This one is from Kaspersky
Labs. Their report does conclude that as Mac OS X systems
gain popularity, more malware will appear. The recent PoC
"threats" are likely to be used as templates for
more advantageous malware authors who which to target this
emerging platform. The full report is available here.
7/25/2006
- McAfee VirusScan for Mac 8.5 Beta Release
McAfee has announced the public beta of McAfee
VirusScan for Mac version 8.5.
New
Features include:
-
Universal Binary
VirusScan for Mac 8.5 beta is the first universal binary version
in the Virex product line. VirusScan for Mac will run on both
Intel- and PowerPC-based Mac computers natively.
-
On Access scanning
VirusScan for Mac 8.5 beta features True On Access Scanning.
It scans every file being accessed from or written to the
machine and blocks infections if any. On Access Scanner can
be configured to scan on Read Only, Write only or both. It
can also be configured to scan files on network volumes.
-
5100 engine support
Support for the latest McAfee Anti-Virus engine.
-
Apple Mail scanning
VirusScan for Mac 8.5 beta scans Apple Mail messages for any
infections. This feature is available through both On Demand
Scanner and On Access Scanner.
7/24/2006
- Ubuntu Security Notice - kdelibs vulnerability (USN-322-1)
A
Denial of Service vulnerability has been reported in the
replaceChild() method in KDE's DOM handler. A malicious
remote web page could exploit this to cause Konqueror to
crash. Read the full bulliten here.
|