Over 1 million tech questions and answers.

Serious security flaw found in IE

Q: Serious security flaw found in IE

This might be worth keeping an eye open
http://news.bbc.co.uk/2/hi/technology/7784908.stm

RELEVANCY SCORE 200
Preferred Solution: Serious security flaw found in IE

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Serious security flaw found in IE

The same article has already been noted in another section: "Web & Email"

But thanks anyway.

Read other 3 answers
RELEVANCY SCORE 74.8

Serious security flaw found in IE [bbc]

As many as 10,000 websites have been compromised since last week to take advantage of the security flaw, said antivirus software maker Trend Micro. Click to expand...

I don't want to go on a rant here but the IE team at Microsoft has caused so many problems for so many people, from users to web developers.

Anybody who is currently a user of IE really should take a look at alternate browsers (Firefox, Opera, Safari).
 

A:Serious security flaw found in IE

Read other 16 answers
RELEVANCY SCORE 74

FROM: http://www.usatoday.com/tech/products/2006-12-26-vista-flaw_x.htm?csp=27
NEW YORK — Windows Vista, the new computer operating system that Microsoft is touting as its most secure ever, contains a programming flaw that might let hackers gain full control of vulnerable computers.
Microsoft and independent security researchers, however, tried to play down the risk from the flaw, which was posted on a Russian site recently and is apparently the first affecting the new Vista system released to larger businesses in late November.

The software company said it was investigating the threat but found so far that a hacker must already have access to the vulnerable computer in order to execute an attack.

That could occur if someone is actually sitting in front of the PC or otherwise gets the computer's owner to install rogue software, said Mikko Hypponen, chief research officer for Finnish security research company F-Secure.

"The bottom line is you couldn't use a vulnerability like this to write a worm or hack a Vista system remotely," Hypponen said Tuesday. "It only has historical significance in that it's the first reported vulnerability that also affects Vista. It's a non-event in other ways."

Attackers with low-level access privileges on a vulnerable machine could theoretically use the flaw to bump up their status, ultimately gaining systemwide control, Hypponen said.

The flaw affects older Windows systems, too, and Hypponen said v... Read more

A:First Security Flaw in Vista found

It was only a matter of time.
 

Read other 3 answers
RELEVANCY SCORE 73.2

New Security Flaw Found In IE, Best Fire Up FireFox

Jan 03

If you?re using Internet Explorer to read this it might be an idea to shut it down now and open up trusty old FireFox instead. Microsoft has today issued an alert to notify users of a critical security flaw in IE.7.0 that could allow hackers to take control of your computer and steal passwords. The company is apparently preparing an emergency patch to fix it but in the meantime simply requests that users remain ?vigilant? against the threat.Microsoft advisors actually ask that you don?t switch because they are trying to get it resolved as soon as possible. Of course it couldn?t be seen to recommend else?s software, but this doesn?t show much consideration for people?s security concerns. Trend Micro security advisor Rick Ferguson is free from such restraint: ?In this case, hackers found the hole before Microsoft did, this is never a good thing. What we?ve seen from the exploit so far is it stealing game passwords, but it?s inevitable that it will be adapted by criminals; it?s just a question of modifying the payload the trojan installs. If users can find an alternative browser, then that?s good mitigation against the threat.? Alternative browsers FireFox, Opera, Chrome and Safari are not vulnerable to the flaw, so if you know what?s good for you best jump on one of these to be safe (most are better than IE anyway). - Paul Lester [BBC] security Internet Explorer Microsoft



New Security Flaw Foun... Read more

A:New Security Flaw Found In IE, Best Fire Up FireFox

I wonder how IE8 fits into this.

Read other 6 answers
RELEVANCY SCORE 73.2

...in Internet Ex-PLODE-r
 
http://blog.chron.com/techblog/2014/04/first-security-flaw-microsoft-wont-fix-in-windows-xp-has-been-found/?cmpid=rrhoustontx

As Microsoft’s creaky and obsolete operating system neared the end of its support life, the company warned that security flaws found after the April 8 deadline would not be patched. Now, a vulnerability has been discovered in all versions of Internet Explorer – including those that work on WinXP.
 
Though there’s no fix at the moment for any version of Windows, there soon will be – except for XP.
 
The flaw affects IE 6 through 11. Versions 6-8 work on Windows XP, but like XP, those versions of Microsoft’s browser no longer get security updates. That means, if you are using IE on XP, you’re vulnerable, with no hope in sight.
 
The obvious workaround is, of course, to use a browser other than Internet Explorer. That’s fine for consumers, but too many businesses still use XP and browser-based apps designed specifically for IE. Those companies that have been slow to dump XP are particularly at risk.
 

A:First XP security flaw Microsoft won’t fix (for free) has been found...

Related topic: New hole in Internet Explorer already under attack to hijack PCs

Read other 1 answers
RELEVANCY SCORE 73.2

New Security Flaw Found In IE, Best Fire Up FireFox

Jan 03

If you?re using Internet Explorer to read this it might be an idea to shut it down now and open up trusty old FireFox instead. Microsoft has today issued an alert to notify users of a critical security flaw in IE.7.0 that could allow hackers to take control of your computer and steal passwords. The company is apparently preparing an emergency patch to fix it but in the meantime simply requests that users remain ?vigilant? against the threat.Microsoft advisors actually ask that you don?t switch because they are trying to get it resolved as soon as possible. Of course it couldn?t be seen to recommend else?s software, but this doesn?t show much consideration for people?s security concerns. Trend Micro security advisor Rick Ferguson is free from such restraint: ?In this case, hackers found the hole before Microsoft did, this is never a good thing. What we?ve seen from the exploit so far is it stealing game passwords, but it?s inevitable that it will be adapted by criminals; it?s just a question of modifying the payload the trojan installs. If users can find an alternative browser, then that?s good mitigation against the threat.? Alternative browsers FireFox, Opera, Chrome and Safari are not vulnerable to the flaw, so if you know what?s good for you best jump on one of these to be safe (most are better than IE anyway). - Paul Lester [BBC] security Internet Explorer Microsoft
New Security Flaw Found In I... Read more

A:New Security Flaw Found In IE, Best Fire Up FireFox

Thanks Norm,

Have not had a security notification from M$ yet on any "out of band" hotfix yet - If I see one will post it here for information

Read other 9 answers
RELEVANCY SCORE 72.4

Critical vulnerability in NetUSB driver exposes millions of routers to hacking | PCWorld

Read other answers
RELEVANCY SCORE 71.6

By James Walker
5 Feb, 2016
"A major security flaw has been found in Avast's SecureZone browser, also known as Avastium, that allows an attacker to remotely read any file on the user's computer, over the Internet. Antivirus firm Avast quickly patched the embarrassing bug.

...

Avastium is based on Chromium, the open-source browser engine originally developed by Google for Chrome but now available for everyone. Avast modified a key security feature in Chromium, removing the protection it offers and exposing the user's filesystem to the Internet."
Major security flaw found in antivirus firm's 'secure' browser
 

A:Major security flaw found in Avast's Secure Browser

These "Secure browsers" Who can tell how much safer are them from other browsers outhere?, I think you should always use a browser because you know a bit about it and it works for you good and safe, not because it's named "any AV Secure Browser".
 

Read other 3 answers
RELEVANCY SCORE 56.4

...Called XSS fragmentation, the vulnerability consists of multiple chunks, or fragments, of JavaScript malware that can slip by a filter or firewall because individually they don't constitute a security risk. But when they are combined after hitting the site, they can then be dangerous.XSS fragmentation is rare, but a potentially powerful vulnerability that could be used against community-based sites such as MySpace or Web-based mail systems...MySpace in particular is vulnerable because it takes user-supplied content and stores it without adequate filtering...darkreading.com

Read other answers
RELEVANCY SCORE 56.4

9 March 2007A serious flaw was found in opensource encryption software GNU Privacy Guard (GPG).It allows a cybercriminal to launch a phishing attack. The flaw allows to insert text in trusted e-mail. Ivan Arce from Core Security, who discovered the vulnerability says attacker can insert malware or lead user to malicious website. Arce decided to inform of the flaw because it was patched two weeks ago.It affects email clients like Kmail, Evolution, Sylpheed, Mutt and GNUMail, so its users should install patches as soon as possible.Source:http://www.arcabit.com/infobase.html?show=...ion&id=1154

Read other answers
RELEVANCY SCORE 56

Matthew Broersma, Techworld.com
Mon May 9,11:00 AM ET

Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned.

The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system.

A patch is expected shortly, but in the meantime users can protect themselves by switching off JavaScript. In addition, the Mozilla Foundation has now made the flaws effectively impossible to exploit by changes to the server-side download mechanism on the update.mozilla.org and addons.mozilla.org sites, according to security experts.

The flaws were confidentially reported to the Foundation on May 2, but by Saturday details had been leaked and were reported by several security organizations, including the French Security Incident Response Team (FrSIRT). Danish security firm Secunia marked the exploit as "extremely critical", its most serious rating, the first time it has given a Firefox flaw this rating.

Critical Flaw Found in Firefox
 

A:Critical Flaw Found in Firefox

Also reported here http://news.bbc.co.uk/2/hi/technology/4532127.stm

Regards - Oldie
 

Read other 3 answers
RELEVANCY SCORE 56

Flaw found in Kaspersky antivirusBy Joris EversStaff Writer, CNET News.comPublished: October 3, 2005, 2:24 PM PDT A "critical" flaw in Kaspersky Lab's antivirus software could let an attacker commandeer systems that use the products... The problem lies in Kaspersky's antivirus library, security researcher Alex Wheeler wrote in an advisory...The vulnerability likely affects multiple Kaspersky products on various platforms because the library is used throughout the company's consumer and corporate software, he said...FrSirt describes the issue as "critical," its highest rating.beta.news.com

A:Flaw found in Kaspersky antivirus

update posted by apluswebmaster at SWI- http://www.techweb.com/article/printableAr..._section=700028October 04, 2005"...Kaspersky confirmed the vulnerability in an e-mail to TechWeb, it also said it had already stymied possible exploits by building and releasing a package of signatures that detect possible exploits. "This set of signatures was added to the anti-virus databases of Kaspersky Anti-Virus on September 29, significantly reducing the chances of successful use of the .cab vulnerability exploits," spokesman Alexey Zernov said in the e-mail. He also noted that Wheeler did not publish exploit code, a fact that would make it more difficult for attackers to leverage the vulnerabilities. Zernov also said that company developers were working on an emergency update that would include changes to the .cab scanning module. Kaspersky will release the fix Wednesday, Oct. 5..."Kaspersky Says It's Fixed AV Scanner Flaw

Read other 2 answers
RELEVANCY SCORE 56

Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned.

The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system.

A patch is expected shortly, but in the meantime users can protect themselves by switching off JavaScript. In addition, the Mozilla Foundation has now made the flaws effectively impossible to exploit by changes to the server-side download mechanism on the update.mozilla.org and addons.mozilla.org sites, according to security experts.

The flaws were confidentially reported to the Foundation on May 2, but by Saturday details had been leaked and were reported by several security organizations, including the French Security Incident Response Team (FrSIRT). Danish security firm Secunia marked the exploit as "extremely critical", its most serious rating, the first time it has given a Firefox flaw this rating.

In recent months Firefox has gained significant market share from Microsoft's Internet Explorer, partly because it is considered less vulnerable to attacks. However, industry observers have long warned that the browser is more secure partly because of its relatively small user base. As Firefox's profile grows, attackers will increasingly target the browser.
Two Vulnerabilities Found

The exploit, discovered by Paul of Greyhats Security Group and Michael "mikx" Krax, makes use of two separate... Read more

Read other answers
RELEVANCY SCORE 56

Serious flaw found in three Symantec products
By Sam Varghese
March 16, 2004

Security vendor eEye has released basic details about a vulnerability in Symantec products that would permit the execution of a severe denial-of-service attack.

Another flaw discovered recently, in products sold by Internet Security Systems, could lead to the compromise of default installations of the affected software, eEye said.

The severity of both vulnerabilities has been rated high by eEye.

The company said the remotely-exploitable flaw in the Symantec products would let an anonymous attacker carry out the attack against systems running default installations of the affected software.

The products listed as affected were Norton Internet Security 2004, Norton Internet Security 2004 Professional and Norton Personal Firewall 2004.
Here
 

A:Serious flaw found in three Symantec products 3/16/04

Thats going to hurt the rep...
 

Read other 1 answers
RELEVANCY SCORE 54.4

Lately ...
Many things I try to do, I get a popup notice that this contains a security flaw .. Do I want to continue ???

Is this because I've installed XP SP3 ??
 

A:Security Flaw

Read other 8 answers
RELEVANCY SCORE 54

Read More Info About It Here

http://www.eweek.com/category2/0,1874,1252525,00.asp
 

Read other answers
RELEVANCY SCORE 54

Read more about it here http://www.eweek.com/category2/0,1874,1252525,00.asp
 

A:sticky:WMF Security Flaw

This is already a sticky thread on the forum:

http://forums.techguy.org/security/431419-m-wmf-patch.html
 

Read other 1 answers
RELEVANCY SCORE 54

Microsoft Admits Flaw in Windows Software
By TED BRIDIS
AP Technology Writer
WASHINGTON

Microsoft Corp. acknowledged a critical vulnerability Wednesday in nearly all versions of its flagship Windows operating system software, the first such design flaw to affect its latest Windows Server 2003 software.

Microsoft said the vulnerability could allow hackers to seize control of a victim's Windows computer over the Internet, stealing data, deleting files or eavesdropping on e-mails. The company urged customers to immediately apply a free software repairing patch available from Microsoft's Web site.

The disclosure was unusually embarrassing for Microsoft because it demonstrated the first such serious flaw in the company's powerful new computer server software, billed as its safest ever.

The software is aimed at large corporate customers and was the first product sold under a high-profile "Trustworthy Computing" initiative organized last year by Microsoft founder Bill Gates.

At the product's launch in late April, Microsoft Chief Executive Steve Ballmer declared the new version of Windows to be a "breakthrough in terms of what it means, in terms of its built-in security and reliability."

The flaw, discovered by researchers in western Poland, also affected Windows versions popular among home users.

"This is one of the worst Windows vulnerabilities ever," said Marc Maiffret, an executive at eEye Digital Security Inc. of Aliso ... Read more

A:Widows Security Flaw

Go to Windows Update and get the fix.
 

Read other 2 answers
RELEVANCY SCORE 54

http://news.yahoo.com/s/pcworld/120756

A:Security Flaw in Firefox

ok. i havn't added any trusted sites to my list but am i still at risk? and how can this be patched?

Read other 19 answers
RELEVANCY SCORE 54

On my old XP laptop I was able to come back from "sleep/stand by" and had to re-enter my log in information. I set up my new laptop, an HP X16-1044nr 64 bit Vista to do the same. What I found was that if I left an internet website page open and it went into stand-by, hitting any key; the system doesn’t produce the security log in window. Thus leaving my system vulnerable for anyone to use should I forget and leave a page open. I now make sure I close every window but that’s disturbing. Thanks in advance.
 

Read other answers
RELEVANCY SCORE 54

In an advisory released Wednesday July 10, Thor Larholm, a security researcher and partner at risk-assessment company PivX Solutions, warned that HTML objects embedded in Web pages and e-mails could carry code that allows an attacker to check out victims' cookie files, read their documents, and execute programs on their computer.

The bug, known as a cross-domain scripting flaw, was discovered on June 25, and information about it has been posted on several security lists since then. Larholm also informed Microsoft of the bug the day it was discovered.

To repair the current problem, Larholm recommended that users disable ActiveX in the security settings for Internet Explorer, or run IE and Outlook in "Restricted" mode, at least until Microsoft releases a patch.

Microsoft said a patch will be available soon.

http://news.com.com/2100-1001-942980.html?tag=fd_top

DS
 

Read other answers
RELEVANCY SCORE 54

http://blogs.pcmag.com/securitywatch/2009/07/new_critical_zero-day_vulnerab.php
 

A:FireFox 3.5 Zero day security flaw

Nobody's perfect...
IE7 user
 

Read other 2 answers
RELEVANCY SCORE 54

Adobe patches flaw in graphics tools
CNET News.com

A security flaw in Adobe Systems' popular graphics design software could allow an unauthorized user to change certain program files, the software maker said Thursday. The problem affects Adobe Creative Suite 2, Adobe Photoshop CS2 and Adobe Illustrator CS2 and occurs when the applications are run in shared, multiuser installations, according to an Adobe security advisory.

"If exploited, this vulnerability could allow a hostile user to replace these program files with malicious or harmful code that could read, write, or destroy sensitive data if subsequently run by a privileged user," Adobe said. The company rates the issue "important" and has updates http://www.adobe.com/support/techdocs/332644.html available to correct the security problem. It recommends that customers using CS2 products on shared systems, running either Microsoft Windows or Mac OS, apply these updates.
 

Read other answers
RELEVANCY SCORE 53.6
A:Critical Remote Flaw Found in Linksys Wireless Access Point

nice find, lunar......we may want to move this to tech news in the future, in case it doesn't get enough hits here. That's what we did with the fake AVG junkware, got a bit more exposure. We can leave it here for now, but if you want it moved, just post in here to that effect.
 

Read other 3 answers
RELEVANCY SCORE 53.2

MS flaw highlights e-security laziness
By electricnews.net
Posted: 01/08/2003 at 13:35 GMT

In an unprecedented move, the US Department of Homeland Security has issued a second warning over a Windows flaw that leaves computers vulnerable to attack.

The newly formed US federal government department said in its warning that a critical flaw in certain versions of the Windows operating system, if left unpatched, could leave computers open to dangerous cyber-attacks, some of which have the potential to allow the attacker to take control of a vulnerable system.

The warning comes two weeks after Microsoft issued its own bulletin notifying computer users of the problem and about a week after the Department of Homeland Security issued its first warning urging people and companies to fix their systems.

Essentially, the bug can allow malicious attackers to seize control of users' machines to steal files, read e-mails and launch wide-scale attacks that could damage the Internet as a whole. Microsoft has issued patches on its Web site to let administrators repair systems, but analysts have said that there is still a large proportion of computers plugged in to the Net that remain susceptible to attack.

This is said to be partly because Microsoft issues patches so frequently that they are increasingly being ignored. Last year the software giant issued about 70 patches, and about 30 have been made available this year.

The United States government is said to be especially worr... Read more

A:MS flaw highlights e-security laziness

Perhaps micro$oft should concentrate on a better system this time rather than pumping one out every other year , but then again we'll keep on buyin them won't we ?
 

Read other 3 answers
RELEVANCY SCORE 53.2

Pertains to RealPlayer 8, RealOne Player, RealOne Player v2 for Windows, RealPlayer 10 Beta (English only) or RealPlayer Enterprise. Flaw discovered April 06, 2004.

Details and work around here: http://service.real.com/help/faq/security/040406_r3t/en/
 

Read other answers
RELEVANCY SCORE 53.2

Just recieved THIS notification and thought you Netscape users might want to know.

Kilowatt
 

A:Netscape security flaw exposed

kilowatt1,

Thanks for the news. Glad I am ok with Netscape 4.x
 

Read other 1 answers
RELEVANCY SCORE 53.2

Hi,

I have reason to believe that the current version of Opera 22.0.1471.50 has a remote code execution flaw. The attacker was able to get in and rename my documents folder to 'public documents'. Also on a day before that, the attacker was able to change the ACL's on a file.
 

A:Opera 22.0.1471.50 security flaw

Read other 6 answers
RELEVANCY SCORE 53.2

Hi, I have just bought on Ebay a Lenovo Thinkpad X201, and run the Intel tool to check if it was vulnerable to the recent discovered security flaw on Intel ME (Critical Firmware Update - Intel-SA-00086) as described on the link bellow: https://www.intel.com/content/www/us/en/support/articles/000025619/software.html The result was that my X201 is vulnerable! So, this is a huge security problem and I need a way to resolve it. I have already run all Windows 10 updates + Lenovo Companion app and it says no more updates are available. I have also search on Lenovo drivers and even on Lenovo dedicated page to this security issue on the link bellow but my model (X201) is not listed: https://support.lenovo.com/pt/en/product_security/len-17297 My question is if anyone knows a solution for this security issue on X201? Any help or advice is really appreciated. Note: On Intel check tool, it says my Intel ME driver current version is 6.1.10.1052 Thanks!

A:X201 - How to fix Intel ME Security Flaw

I think the reason its not on the Lenovo list is your processor is not affected.  Based on the intel link you provided it affects 6th, 7th and 8th generation intel chips.  I do not believe the X201 has those chips. 





TP 25 Retro, W510 850 EVO, A30pRetired 385D, A20p, A21p

Read other 1 answers
RELEVANCY SCORE 53.2

On 12/22/2004, an update for Winamp was published to fix a critical security flaw. Go to http://www.winamp.com and download Winamp 5.08c to fix the problems.

This fix is required for ALL versions of Winamp prior to 5.08c. To determine your version, open Winamp, click Help > About Winamp and check the version number at the bottom of the resulting screen.
 

Read other answers
RELEVANCY SCORE 53.2

Hi Guys
With the amount of Vundo going around i thought i might start a poll - there are a few things i would like to see in relation to Windows Service Packs
David
 

A:Vundo Poll! Is there a Security Flaw?????

Read other 7 answers
RELEVANCY SCORE 52.8

Latest SP2 Flaw Bypasses IE Security Zone
By Larry Seltzer
August 21, 2004

Security researchers have discovered another vulnerability in Windows XP Service Pack 2, but it doesn't appear to be an immediate threat.
The researcher who uncovered the drag-and-drop flaw in Windows XP SP2 earlier in the week has reported that a new vulnerability exposes a hole in the lockdown of Internet Explorer's My Computer security zone.

The lockdown of the My Computer zone is one of the major security enhancements in SP2. Web pages in Internet Explorer run in one of several security "zones," each of which has different security rules. Prior to SP2, the My Computer zone—designed for Web pages stored on the computer itself—had extremely permissive rules. In order to take advantage of them, malware attacks frequently exploited vulnerabilities to get their Web-based pages to execute. Microsoft tightened the rules in SP2 to make it a less inviting target.

In the new attack, the use of an unconventional value in the "Content-Location:" field of an MHTML (MIME HTML) file causes the browser to execute the file in the Local Intranet zone, even though it is run from the local computer. This allows scripting operations that are not permitted in the local zone. MHTML files are a variant HTML format in which accessory files, such as images, can be stored as part of the file itself.

While this example does demonstrate a weakness in the local computer lockdown by ... Read more

Read other answers
RELEVANCY SCORE 52.8

A security flaw in the PayPal web site is being actively exploited by fraudsters to steal credit card numbers and other personal information belonging to PayPal users. The issue was reported to Netcraft today via our anti-phishing toolbar.The scam works quite convincingly, by tricking users into accessing a URL hosted on the genuine PayPal web site. The URL uses SSL to encrypt information transmitted to and from the site, and a valid 256-bit SSL certificate is presented to confirm that the site does indeed belong to PayPal; however, some of the content on the page has been modified by the fraudsters via a cross-site scripting technique (XSS). http://news.netcraft.com/archives/2006/06/...tity_theft.html

A:Paypal Security Flaw Allows Identity Theft

Well that's no good. I just used Paypal the other day to donate $20 dollar to this site and now you tell me this. So do you recommend closing my paypal account or can they only access my information when I'm actually using it?

Read other 3 answers
RELEVANCY SCORE 52.8

I have local zip files, and using the built-in compressed folders utility (not WinZip, etc), I open them and drag something out, and get this warning message, "This Page Has An Unspecified Security Flaw", which says Internet Explorer at the top which is unusual because I do not ever use IE, and it is neither running nor my default browser. I googled, and the only promising solution was to go to Internet Options in IE or the control panel, go to Security, Local Intranet, and uncheck the Automatic checkbox but leave the 3 "Include" checkboxes checked. But there IS NO automatic checkbox for me, there are only the Include checkboxes. Adding my local computer to the list of intranet sites, or to the trusted sites, under every computer name or "localhost" or ip imaginable also did not work. Please help I HATE warning messages

Note: I have IE 6, because I never use IE. Also note that I believe this started when I went to Internet Options, Programs, Reset Web Settings in an unrelated in-vain effort to stop firefox from breaking my html icons

Please help me remove the zip warning message
 

A:This Page Has An Unspecified Security Flaw when extracting from zip

SOLVED: this occurred, apparently, only for zips I had downloaded from the internet.

SOLUTION: gpedit.msc, user configuration, attachment manager, enable Do Not Preserve Zone Extensions. May also need to reset security zone settings in Internet Options to medium or low
 

Read other 1 answers
RELEVANCY SCORE 52.8

The problem has to do with the way the Firefox and Mozilla browsers handle International Domain Names, or IDNs. IDNs are domain names that use local language characters. The fix disables support for such Web addresses.

Mozilla expects to fix the vulnerability in beta 2 of Firefox 1.5, the next release of the open-source Web browser. Beta 2 is due Oct. 5 and the final release of 1.5 is expected by year's end

Instructions to manually disable IDN: Type "about:config" in the address bar, hit Enter; type "network.enableIDN" in the filter toolbar, hit Enter; right-click the "network.enableIDN" item and select Toggle to change value to false.

If you make the manual change as above, there is no need to download from http://www.mozilla.org. See Cnet.news for the story: Mozilla offers temporary fix for Firefox flaw.

-- Tom
 

Read other answers
RELEVANCY SCORE 52.8

Yo. I know this sounds silly, but there was this moron in chat last night with one of those malicious boot programs. He suddenly decided to pick on me, sending me IM bombs and stuff. That's no big deal, but supposedly he sent me a virus with this program. I didn't accept the file, but he said I didn't have to because I was "already infected". I think he's just bluffing, but to make sure, I'd like to know if anybody has information on this so called "virus" ..

He said Norton wasn't going to save me, no biggy since I don't USE Norton. >=D but honestly, my anti-virus is fully updated and did not find any malicious files. I even booted in safe mode and went through my system folders searching for suspicious files, but I didn't find any. Still, better safe than sorry, eh? Man I feel like an idiot, but I'm just curious to know if this is even possible. Maybe a security flaw in yahoo messenger? Any information would be most helpful. =D And just FYI I have Win 2k pro.
 

A:Yahoo messenger virus through a security flaw?

Hi..just to double check..run an online virus scan..
http://housecall.trendmicro.com/
http://www.ravantivirus.com/scan/
 

Read other 2 answers
RELEVANCY SCORE 52.8

Experts Spot Security Flaw In Windows Vista Software
Skip directly to the full story.

By ANICK JESDANUN The Associated Press

Published: Dec 27, 2006

NEW YORK - Windows Vista, the new computer operating system that Microsoft Corp. is touting as its most secure, contains a programming flaw that might let hackers gain full control of vulnerable computers.

Microsoft and independent security researchers tried to play down the risk from the flaw, which was posted on a Russian site recently and is apparently the first affecting the Vista system released to larger businesses in late November.

The software company said it is investigating the threat but has found that a hacker must already have access to the vulnerable computer to execute an attack.

That could happen if someone is sitting in front of the PC or otherwise gets the computer's owner to install rogue software, said Mikko Hypponen, chief research officer for Finnish security research company F-Secure Corp.

"The bottom line is you couldn't use a vulnerability like this to write a worm or hack a Vista system remotely," Hypponen said Tuesday. "It only has historical significance in that it's the first reported vulnerability that also affects Vista. It's a nonevent in other ways."

Attackers with low-level access privileges on a vulnerable machine could theoretically use the flaw to bump up their status, ultimately gaining systemwide control, Hypponen said.

The flaw affects ol... Read more

A:Experts Spot Security Flaw In Vista

Yep, been reported here several times.
 

Read other 2 answers
RELEVANCY SCORE 52.8

This guy writes about security issues.

Windows Secure Boot: Insecure by design and mostly likely cant be fixed | Network World

Read other answers
RELEVANCY SCORE 52.8

Hi all

On the Hotel "Wired" Network where I logged in I got a whole load of "Device Install" messages

But What are THESE !!!!!!!!! They look like computers attached to the Network
I've got Firewall enabled with MSE turned on but looks like I'm picking up other users Media streamers.
What's going on here --and should I worry about this.

Shame if security is compromised as I'm rather liking W8.

Running W8 32 bit version.


Cheers
jimbo

A:Seems a Huge Flaw with security in W8 -- could be a show stopper

I'm not so much sure that that's a problem on your end, as it is on their end!
I'd say it's just looking for a media-extender driver or something that Microsoft hasn't fully furnished for Windows 8 yet. I wouldn't be concerned that you can see others' computers, but I'd be concerned if they can see yours.

Read other 9 answers
RELEVANCY SCORE 52

Adobe has issued an emergency patch for a previously undiscovered vulnerability in Flash Player, which the company says is being exploited in the wild.The company said Tuesday that the latest update of the popular browser plugin, version 18.0.0.194 for both Windows and Macs, fixes a security hole that could allow a hacker to take over an affected system."Adobe is aware of reports that CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks," the company said in a brief advisory.
 

Article

A:Adobe issues emergency fix for Flash zero-day security flaw

Adobe Flash Player Distribution DownloadAdobe Web Players All Downloads

Read other 7 answers
RELEVANCY SCORE 52

Security flaw touches Windows Media Player, IEBy Dawn KawamotoStaff Writer, CNET News.comPublished: October 18, 2005, 7:23 AM PDTLast modified: October 18, 2005, 10:44 AM PDTupdate A "critical" flaw that affects both Microsoft's Windows Media Player and Internet Explorer has been uncovered, a security company reported late Monday. The security flaw, which is found in the default installations of Media Player and the IE browser, could let attackers launch a remote execution of code, according to an advisory posted by eEye Digital Security. Systems affected by the flaw include Windows XP with Service Pack 1 and Service Pack 2, Windows NT, Windows 2003 and Windows 2003 SP1, and all versions of Windows 2000.news.com

Read other answers
RELEVANCY SCORE 52

Criminals are stepping up their attacks leveraging an unpatched flaw in Microsoft's Internet Explorer browser, using it to install fake antivirus products and malicious back doors on victim's computers.

Microsoft first warned of the bug on March 9, saying that it had been used in "targeted attacks." But now, according to researchers, the exploits are much more widespread. By late last week, security vendor AVG was getting reports of 30,000 attacks per day, according to Roger Thompson, AVG's chief research officer.



Source -
Security companies warn of uptick in attacks using new IE flaw | Security Central - InfoWorld

Read other answers
RELEVANCY SCORE 52

Adobe has acknowledged a "critical" security flaw in its Reader, Acrobat and Flash Player software.Adobe says the vulnerability potentially enables hackers to take control of affected computer systems.Users running Windows, Macintosh or Linux might all be open to attack.http://news.bbc.co.uk/2/hi/technology/10257411.stm

A:Adobe acknowledges critical security flaw in software

Thanks for the report Budapest. I will be watching for a new update to get. Adobe is like Windows; BIG. That's why so many bad guys jump on them because they can infect more computers that way. IMHO Windows is doing a better job but I don't git the same feeling from Adobe.

Read other 4 answers
RELEVANCY SCORE 52

Chrome suffers first security flaw.

On Wednesday, researchers announced a flaw in how the Google Chrome browser behaves with undefined handlers. An exploit provided as a demonstration crashes the new browser.

And on Tuesday, mere hours after Chrome was released, researcher Aviv Raff concocted a proof-of-concept demo to show how the Google browser could be made vulnerable to a carpet-bombing flaw and thus open a window for ill-intentioned hackers.

-- Tom
 

A:Google's Chrome browser suffers first security flaw

Read other 7 answers
RELEVANCY SCORE 51.6

VPN users are facing a massive security flaw as websites can easily see their home IP-addresses through WebRTC. The vulnerability is limited to supporting browsers such as Firefox and Chrome, and appears to affect Windows users only. Luckily the security hole is relatively easy to fix.

The Snowden revelations have made it clear that online privacy is certainly not a given.

Just a few days ago we learned that the Canadian Government tracked visitors of dozens of popular file-sharing sites.

As these stories make headlines around the world interest in anonymity services such as VPNs has increased, as even regular Internet users don?t like the idea of being spied on.

Unfortunately, even the best VPN services can?t guarantee to be 100% secure. This week a very concerning security flaw revealed that it?s easy to see the real IP-addresses of many VPN users through a WebRTC feature.

With a few lines of code websites can make requests to STUN servers and log users? VPN IP-address and the ?hidden? home IP-address, as well as local network addresses.

The vulnerability affects WebRTC-supporting browsers including Firefox and Chrome and appears to be limited to Windows machines.

A demo published on GitHub by developer Daniel Roesler allows people to check if they are affected by the security flaw.

IP-address leak


The demo claims that browser plugins can?t block the vulnerability, but luckily this isn?t entirely true. There are several easy fixes available to ... Read more

A:Huge security flaw leaks vpn users real ip-addresses

The main issue is about DNS leaks not VPN. I am using a VPN from past 8 months and having no issue with it. The main problem is which VPN you choose, if you choose a good VPN then these types of issues not appear. I choose my VPN after reading this article from a review site. 5 Best VPN Software for Year 2015 Facilitating Ease of Use
 

Read other 1 answers
RELEVANCY SCORE 51.6

Kingston Technology is instructing customers to return certain models of its memory sticks, after the firm discovered a glitch in its DataTraveler Secure flash drives.

The company said in a security notice that the models affected were “privacy” editions of the DataTraveler Secure, DataTraveler Elite and DataTraveler Blackbox.

Kingston said the security flaw could allow a wrongdoer to hack into the memory sticks. “A skilled person with the proper tools and physical access to the drives may be able to gain unauthorised access to data,” warned the vendor.

Kingston added that a number of its USB drives were not affected by the security flaw.

Customers whose drives could be exploited by the security loophole should return the product, where Kingston said it would apply a factory update.

Kingston had claimed that its Data Traveler Secure drive was the first of its kind to protect “100 percent of data on-the-fly via 256-bit hardware-based AES encrpytion.”

Source:Kingston coughs to security flaw in 'Secure' flash drive ? The Register

A:Kingston coughs to security flaw in ‘Secure’ flash driv

Thanks for this information! We have about 20 of them. Thankfully not the ones on the list.

Read other 3 answers