Comments on: SSL exploit turn Firefox into malware distributor

By: Digital Society » Blog Archive » Secure notification method needed for infected ISP customers

Mon, 12 Oct 2009 13:40:08 +0000

[...] [...]

By: Mozilla patches SSL, Microsoft CryptoAPI still exposed | Technology for Mortals

Wed, 05 Aug 2009 21:21:14 +0000

[...] [...]

By: Digital Society » Blog Archive » Mozilla patches critical Firefox flaw

Digital Society » Blog Archive » Mozilla patches critical Firefox flaw — Wed, 05 Aug 2009 21:12:17 +0000

[...] [...]

By: George Ou

George Ou — Wed, 05 Aug 2009 19:58:53 +0000

Jonny, the vulnerability allows attackers pose AS the Firefox update server. So as soon as you connect to a rogue wireless network or a valid wired network that has been hijacked through an ARP spoof, you get owned as soon as you launch Firefox.

Mozilla has released a patch for Firefox so you should upgrade immediately if you run Firefox.

By: Jonny SMith

Jonny SMith — Mon, 03 Aug 2009 09:48:25 +0000

From what i understand the idee is that somebody can send malware files using firefox update server (correct me if i m wrong).
I looked into this and i found some info from sites that have subject malware issues (ex malwarecity.com) and the ideea is for my antivirus bitdefender it say’s that it doesn t protect the user for sofware vulnerabilities but it keeps you safe by catching the malware file that the firefox server is sending by update .
I m safe and i wait for the firefox guy s to resolve the issue .

By: Daily Digs – 07.30.2009 « Security Stallions Blog

Daily Digs – 07.30.2009 « Security Stallions Blog — Fri, 31 Jul 2009 00:13:11 +0000

[...] [...]

By: SSL exploit turns Firefox into malware distributor | Technology for Mortals

SSL exploit turns Firefox into malware distributor | Technology for Mortals — Thu, 30 Jul 2009 15:46:47 +0000

[...] [...]