Microsoft exposes Firefox users to drive-by malware download

Post by Spudz » Fri Oct 16, 2009 11:18 am

October 16th, 2009
Microsoft exposes Firefox users to drive-by malware downloads
Posted by Ryan Naraine @ 9:24 am

Remember that Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without explicit permission from end users?

Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically used in drive-by malware downloads.

The flaw was addressed in the MS09-054 bulletin that covered “critical” holes in Microsoft’s Internet Explorer but, as Redmond’s Security Research & Defense team explains, the drive-by download risk extends beyond Microsoft’s browser.

A browse-and-get-owned attack vector exists. All that is needed is for a user to be lured to a malicious website. Triggering this vulnerability involves the use of a malicious XBAP (XAML Browser Application). Please note that while this attack vector matches one of the attack vectors for MS09-061, the underlying vulnerability is different. Here, the affected process is the Windows Presentation Foundation (WPF) hosting process, PresentationHost.exe.

While the vulnerability is in an IE component, there is an attack vector for Firefox users as well. The reason is that .NET Framework 3.5 SP1 installs a “Windows Presentation Foundation” plug-in in Firefox.


ZDNet Blog
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.

Post by Mystery » Sat Oct 17, 2009 12:51 am

Wanted to reply yesterday but couldn't post.
Thanks for the info Spudz, disabled it. :?
Why do geeks think Halloween and Christmas occur on the same day?
Because 31oct = 25dec ;)

Post by Mystery » Sat Oct 17, 2009 6:01 am

UPDATE
It seems that Mozilla has taken steps, and does automatically disable it. I got a message about the security issue of this add-on in my browser with a link to this:
https://www.mozilla.com/en-US/blocklist/

Here is the Bug report:
https://bugzilla.mozilla.org/show_bug.cgi?id=522777