Monthly Archives: August 2014

50 security fixes for Google Chrome

Google Chrome latest version 37.0.2062.94 got 50 security fixes last Tuesday. Security researcher ‘[email protected]’ received a huge amount of $30,000 for finding out flaws in Chrome JavaScript engine V8, the Inter-process Communication (IPC), the data synchronization component and extensions. Most of the vulnerabilities allow remote code execution. Besides this other researchers found use-after-free vulnerabilities in DOM, SVG and bindings, spoofing of the extension permission dialog, uninitialized memory read in WebGL and Web Audio. Researchers who worked with the Chrome development also discovered flaws based on internal audits, fuzzing and other types of activities through Address Sanitizer tool. <more>

Facebook to fix auto iPhones calls

Social networking giant Facebook will soon release an update for its messenger app. The patch will fix the issue on iOS that allows attackers to make calls automatically from users’ phones by clicking on web link. Andrei Neculaesei a developer from Copenhagen discovered the flaw which can be triggered through the tel URL scheme. According to Apple document, tel URL scheme is used to launch the mobile app on iOS devices and allow dialing of the specified phone number. Applications like Facebook Messenger, Apple’s Facetime, Google+ and Gmail usually don’t show a pop-up for alerts when users tap a telephone link in a webpage and allow making calls without user consent. <more>

Massive DDoS attacks from Facebook datacenters

The issue is being first reported by Teofil Cojocariu, a researcher with the Cyber Security Research Center from Romania (CCSIR) in June when Facebook added a new feature allowing administrators to refresh the content of attachments. Cojocariu created an exploit that can cause DDoS attacks through Facebook datacenters. After Facebook fixed the issue, the impact on smaller websites especially with limited bandwidth could be more devastating. Larger companies are no more vulnerable to this after getting the patch. First, the intruder look for large image on the vulnerable server/website and published that image link on a Facebook page with Only Me privacy parameter. Then attacker uses “Refresh share attachment” feature which refreshes the attachment and captures the request. By forcing server to request for the same file can cause huge traffic. <more>

Google Chrome bolsters safe browsing mechanism

Google Chrome enhancing the capabilities for safe browsing protection mechanism and now generating alerts for users to protect them from downloading deceptive apps. On 14th August, Moheeb Abu Rajab, a Google security staff engineer announced the added protection on the Google Chrome Blog. “We’ll show a warning in Chrome whenever an attempt is made to trick you into downloading and installing such software,” wrote Rajab. “If you still wish to proceed despite the warning, you can access it from your Downloads list.” Additional information about user protection can be obtained from Google’s Safety Center. <more>

MS14-045 – ‘Blue Screen of Death’ update

On 12th August, Microsoft released updates on its monthly Patch Tuesday. The update MS14-045 rated as ‘important’ that fixes Windows kernel security issues related to privilege escalation and code execution. Users have reported a blue screen of death (BSoD) on their machines which prompts Microsoft to pulled off the vulnerable patch. According to company, a blue screen of death is occurred due to mishandling of a Windows font cache file in certain machines. Meanwhile Microsoft has come up with a workaround. <more>

Symantec bundles NINE products into ONE

California-based security company Symantec has decided to bundle Nine Norton products into one product which will be available in the market from 23rd september for $79 on annual basis. Products like Norton Internet Security, Norton AntiVirus and Norton360 won’t be available separately as it will be stream line in a new tool ‘Norton Security’. Other features are improved user interface along with cloud based management that provides the ability for users to manage devices through Norton online accounts. <more>

0-day in Adobe Reader and Acrobat Patched

Adobe systems has rolled out a new version of Adobe Reader and Acrobat 11.0.08. The latest release fixes zero-day vulnerability in the applications that allow an intruder to bypass sandbox protection mechanism. Only Windows platform are susceptible to this issue while OS X variants remain unaffected. Although advisory does not give enough information about the issue, but it seems that it is exploited by criminals. Names of Costin Raiu and Vitaly Kamluk of Kaspersky Labs are mentioned in ‘Acknowledgments’ section of the advisory. Users are advised to apply the patch on earliest basis to remain secure. <more>

Apple addresses Safari Webkit flaws

Apple releases Safari 6.1.6 and 7.0.6 in order to fix WebKit issues and other security concerns. Seven vulnerabilities are fixed that allow remote code execution or crash the vulnerable browser. Out of Seven, Five were discovered by Apple and the rest two are credited to Google’s Chrome Security Team along with an anonymous researcher. Earlier same issue was reported in May that can cause Macs machines to crash and it was patched by the company. Users are advised to go for new versions which can be downloaded through Software update. <more>

Symantec Endpoint Protection 0-day bug PATCHED!!

After being alerted about some privilege escalation vulnerabilities in its Endpoint Protection product on July 29, Symantec immediately released an advisory with mitigation solutions, and now it has made available a patch for administrators. They need to access the FileConnect service and download the Symantec Endpoint Protection 12.1 Release Update 4 Maintenance Patch 1b (RU4 MP1b), which updates the product to version 12.1.4112.4156. The client update can be applied to version 11.0 of the product too. <more>

Cisco fixes OSPF flaw affecting multiple products

Cisco has shipped a patch for a buggy Open Shortest Path First (OSPF) routing implementation it says offers exploits that include traffic blackholing or interception. As the advisory notes, the vulnerability “could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic”. Crafted OSPF packets can be sent to devices running the faulty code, and those packets would make the targeted router flush its routing table. A crafted OSPF Link State Advertisement (LSA) type 1 update can then be propagated through a targeted domain. <more>