Chrome, Internet Explorer, Firefox Response To ‘Exploit’

Discussion in 'other security issues & news' started by Hungry Man, May 30, 2012.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
  2. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That's a rather pathetic response from these vendors, especially MS. If Chrome devs are at least saying they plan to look at it, I would take a guess that they will be doing so in secret and not saying any more about it until the fix shows up in an update. Then again, I could be placing too much faith in them. Though one thing I'd say about Chrome is that for those paying attention, this would be hard to exploit, seeing as how Chrome updates Flash on its own.

    But Firefox and MS, for shame. One can only hope they fix this for IE 10. The last thing they need right now is to get that reputation for bad security back.
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    There was discussion on the Firefox side though, at least, and they'll probably address it; there's just no confirmation.

    Chrome has confirmed that they'll fix it; there's simply no date yet.

    Sure, but you can do this with Java too. Anything, really.

    The proof of concept downloads calc.exe, I believe.

    edit: Actually, I believe Chrome is "more vulnerable" than Firefox in this case as the Firefox download UI provides more information. Can't confirm as I haven't looked. Either way, like I said in the article, if I were to post a "Critical Flashplayer Update" I'd probably infect quite a few Wilders users.
     
    Last edited: May 30, 2012
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Actually yeah, you probably could infect quite a few. It's a pretty darn awesome way to hook someone. It's yet another reason one should always go straight to the source instead of trusting links.
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    A hacked website, email, Facebook, Twitter, anything could do a lot of damage with it.
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    This is a really interesting issue but unlikely to be used because standard social engineering is more effective. Sure, you could link this to your friends, but why would you? If someone happened to stumble across it I think they'd find it odd that they suddenly ended up on a Flash download page and close it. There really isn't any use case for this outside of being linked to it and explicitly told by said person "you need to download that".

    On the plus side IE9 explicitly states the false origin of the file and it also would be blocked by IE9's App Reputation.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Right, but imagine the potential for, say, a hacked Twitter, email, Facebook, or website.

    It also wouldn't necessarily be blocked by AppReputation or SmartScreen just as any antivirus might miss it. That would certainly help though.
     
  8. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    AV isn't default-deny, AppRep is. An unsigned file from suspicious website x being allowed is highly unlikely.
     