new exploit affecting all the major desktop browsers
Results 1 to 3 of 3

Thread: new exploit affecting all the major desktop browsers

  1. #1
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    new exploit affecting all the major desktop browsers

    A new exploit affecting all the major desktop browsers has prompted Adobe to release a workaround for their Flash Player until they can fix the "Clickjacking" threat in a future version.


    In a nutshell, it's when you visit a malicious website and the attacker is able to take control of the links that your browser visits. … With this exploit, once you're on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.

    ******************************

    Ok here's a quick and easy workout that should help you avoid this little nasty.

    http://www.adobe.com/support/securit...apsa08-08.html

    Flash Player workaround available for "Clickjacking" issue


    Vulnerability identifier: APSA08-08
    Platform: All Platforms
    Affected Software: Adobe Flash Player 9.0.124.0 and earlier
    Summary

    Adobe is aware of recently published reports of a ‘Clickjacking’ issue in multiple web browsers that could allow an attacker to lure a web browser user into unknowingly clicking on a link or dialog. It has been determined that this potential "Clickjacking" issue affects Adobe Flash Player. Adobe is working to address this issue in an upcoming update to Flash Player.
    Solution

    Customers:

    To prevent this potential issue, customers can change their Flash Player settings as follows:

    1. Access the Global Privacy Settings panel of the Adobe Flash Player Settings Manager at the following URL: http://www.adobe.com/support/documen...manager02.html
    2. Select the "Always deny" button.
    3. Select ‘Confirm’ in the resulting dialog.
    4. Note that you will no longer be asked to allow or deny camera and / or microphone access after changing this setting. Customers who wish to allow certain sites access to their camera and / or microphone can selectively allow access to certain sites via the Website Privacy Settings panel of the Settings Manager at the following URL: http://www.adobe.com/support/documen...manager06.html.

    IT Administrators:

    IT Administrators can change the AVHardwareDisable value in client mms.cfg files from 0 to 1 to disable client Flash Player camera and microphone interactions. For more information on the mms.cfg file and AVHardwareDisable, please refer to page 57 of the Adobe Flash Player Administration Guide: http://www.adobe.com/devnet/flashpla...de.pdf#page=57.
    Adobe is working to address the issue in an upcoming Flash Player update, scheduled for release before the end of October. Further details will be published on the Adobe Security Bulletin page at http://www.adobe.com/support/security.
    Additionally, all documented security vulnerabilities and their solutions are distributed through the Adobe security notification service. You can sign up for the service at the following URL: http://www.adobe.com/cfusion/entitle....cfm?e=szalert. Users may also monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt
    Severity Rating

    Adobe categorizes this as a critical issue.
    Acknowledgments

    Adobe would like to thank Robert Hansen of SecTheory and Jeremiah Grossman of WhiteHat Security, Eduardo Vela, Matthew Mastracci of DotSpots, and Liu Die Yu for reporting this vulnerability and for working with us to help protect our customers' security.


    Last edited by t34b4g5; October 12th, 2008 at 10:41 AM.

  2. #2
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    Hey teabag, got a link? I'm pretty sure it's ok to post a broken link, or just PM me with the link. I love playing with those sites. Usually there are variations of root kits - some pretty good. Most not.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  3. #3
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Post

    Quote Originally Posted by dinowuff View Post
    Hey teabag, got a link? I'm pretty sure it's ok to post a broken link, or just PM me with the link. I love playing with those sites. Usually there are variations of root kits - some pretty good. Most not.
    Yeah i got a few interesting links. + a bit of source code also.
    (Obviously i won't be passing it around, as there are avenues being taken to fix this. So once it's fixed then and only then will i even consider sharing what i have).

    anyhow here's some more links with different info about this thing.

    http://blogs.zdnet.com/security/?p=1973

    http://jeremiahgrossman.blogspot.com...sp-appsec.html

    http://www.heise.de/english/newsticker/news/116294

    http://ha.ckers.org/blog/20080915/clickjacking/


    Also those that are using firefox and have noscript installed just Forbid <IFRAME>in the default menu of NoScript.

    That seems to help you from not falling prey if you manage to wander onto 1 of the few remaining sites.

Similar Threads

  1. Again.. Second 0-day exploit out...
    By dalek in forum Microsoft Security Discussions
    Replies: 7
    Last Post: September 23rd, 2006, 04:46 AM
  2. Exploit already available for Windows vulnerability
    By Black Cluster in forum Microsoft Security Discussions
    Replies: 3
    Last Post: October 14th, 2005, 09:44 AM
  3. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 08:47 PM
  4. New Pop-up Hijack affecting all browsers
    By killerbeesateme in forum Web Security
    Replies: 5
    Last Post: December 9th, 2004, 06:52 PM
  5. Cloaked Exploit Scanner II
    By ntsa in forum The Security Tutorials Forum
    Replies: 3
    Last Post: July 21st, 2002, 05:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •