Forum Cyber Security News-n-Stuff - Page 5 - Honda CRZ Forum: Honda CR-Z Hybrid Car Forums
Reply
 
LinkBack Thread Tools Display Modes
post #41 of 43 (permalink) Old 11-30-2016, 05:33 PM
CR-Z Forum Librarian
 
CR-Z Canadian's Avatar
 
Join Date: Mar 2011
Posts: 6,802
FIREFOX Vulnerability Nov 30, 2016

For any Firefox users, here is a public service announcement - not specifically related to the forum, but a vulnerability for anyone with updated Firefox browser and a Windows OS:

Emergency Bulletin: Firefox 0 day in the wild. What to do.
This entry was posted in General Security on November 30, 2016 by mark 62 Replies
Were publishing this as an emergency bulletin for our customers and the larger web community. A few hours ago a zero day vulnerability emerged in the Tor browser bundle and the Firefox web browser. Currently it exploits Windows systems with a high success rate and affects Firefox versions 41 to 50 and the current version of the Tor Browser Bundle which contains Firefox 45 ESR.

If you use Firefox, we recommend you temporarily switch browsers to Chrome, Safari or a non-firefox based browser that is secure until the Firefox dev team can release an update. The vulnerability allows an attacker to execute code on your Windows workstation. The exploit is in the wild, meaning its now public and every hacker on the planet has access to it. There is no fix at the time of this writing.

Currently this exploit causes a workstation report back to an IP address based at OVH in France. But this code can likely be repurposed to infect workstations with malware or ransomware. The exploit code is now public knowledge so we expect new variants of this attack to emerge rapidly.

This is a watering hole attack, meaning that a victim has to visit a website that contains this exploit code to be attacked. So our forensic team is keeping an eye on compromised WordPress websites and we expect to see this code show up on a few of them during the next few days. An attackers goal would be to compromise workstations of visitors to WordPress websites that have been hacked.

more HERE

Eco Stig
SOME SAY, that when he gets into his car, he plugs the IMA cable into his left ear but no one can tell who is charging whom!
CR-Z Canadian is online now  
Sponsored Links
Advertisement
 
post #42 of 43 (permalink) Old 11-30-2016, 07:40 PM
Super Duper Member
 
Join Date: May 2015
Posts: 1,861
Firefox was updated yesterday and today. Current version I just got was 50.0.2 not sure if it is still vulnerable or not. Just a data point. I don't use windows and wouldn't trust chrome as far as I can throw it. Proceed with caution.
Spdbump is offline  
post #43 of 43 (permalink) Old 11-30-2016, 10:06 PM
@ the speed of white
 
litz's Avatar
 
Join Date: Jun 2014
Location: Somerset, OH
Posts: 2,811
Garage

2013 Honda CRZ EX PWP w/navi CVT | Litz's 2013 PWP Build Thread | Sprintex | Mugen | BLF | Seibon | Tanabe | Heko | DIY: CVT with 6-Speed shift boot
the speed of sound...the speed of light...the speed of love...the speed of white!
litz is online now  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Honda CRZ Forum: Honda CR-Z Hybrid Car Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome