“Dockster” trojan for the Mac goes into the wild, plays on the same Java vulnerability as “Flashback”

Posted by:
Date: Tuesday, December 4th, 2012, 08:57
Category: News, security, Software

Ok, this shouldn’t be happening again.

Per F-Secure, a new piece of malware that takes advantage of a well-documented Java vulnerability has been found on a website dedicated to the Dalai Lama, with the trojan able to install itself on an unwitting Mac user’s computer to capture keystrokes and other sensitive data.

Dubbed “Dockster,” the malware was first found by antivirus and security firm Intego to have been uploaded to the VirusTotal detection service on Nov. 30. At the time of its discovery, the remote address associated with trojan was not active, possibly indicating that the code’s creators were testing whether it would be detected, but as of this writing the malicious code is now “in the wild.”

Similar to the Flashback exploit from September 2011, Dockster leverages the same Java vulnerability to drop the backdoor onto a Mac, which then executes code to create an agent that feeds keylogs and other sensitive information to an off-site server.

In the case of Flashback, which was also discovered by Intego, a reported 600,000 Macs were affected before both Apple and Oracle released a Java patches to remove the malware and protect against future attacks.

Although the newly-found Dockster takes advantage of an already fixed weakness, users who haven’t yet updated their Macs or are running older software may still be at risk.

In which case, try to ensure that your friends and family with older, pre-OS X 10.6 software are up to date and be careful out there.

Mozilla releases Firefox 17.0 update

Posted by:
Date: Wednesday, November 21st, 2012, 09:35
Category: News, Software

elfirefox

The Firefox version number just keeps getting pushed higher…

Late Wednesday, Mozilla.org released version 17.0 of its Firefox web browser. The new version, a 33.3 megabyte download and adds the following fixes and changes:

What’s new:
- FIXED – 16.0.2: Security fixes can be found here

- FIXED – 16.0.1: Vulnerability outlined here.

- NEW – Firefox on Mac OS X now has preliminary VoiceOver support turned on by default.

- NEW – Initial web app support (Windows/Mac/Linux).

- NEW – Acholi and Kazakh localizations added.

- CHANGED – Improvements around JavaScript responsiveness through incremental garbage collection.

- DEVELOPER – New Developer Toolbar with buttons for quick access to tools, error count for the Web Console, and a new command line for quick keyboard access.

- DEVELOPER – CSS3 Animations, Transitions, Transforms and Gradients unprefixed in Firefox 16.

- DEVELOPER – Recently opened files list in Scratchpad implemented.

- FIXED – Debugger breakpoints do not catch on page reload (783393).

- FIXED – No longer supporting MD5 as a hash algorithm in digital signatures (650355).

- FIXED – Opus support by default (772341).

- FIXED – Reverse animation direction has been implemented (655920).

- FIXED – Per tab reporting in about:memory (687724).

- FIXED – User Agent strings for pre-release Firefox versions now show only major version (728831).

Known Issues:
- UNRESOLVED – If you try to start Firefox using a locked profile, it will crash (see 573369).

- UNRESOLVED – For some users, scrolling in the main GMail window will be slower than usual (see 579260).

- UNRESOLVED – Windows: The use of Microsoft’s System Restore functionality shortly after updating Firefox may prevent future updates (see 730285).

- UNRESOLVED – Pointer lock doesn’t work in web apps (see 769150).

Firefox 17.0 requires an Intel-based Mac running Mac OS X 10.5 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Twitter sends out e-mails to significant number users needing passwords on “compromised accounts”

Posted by:
Date: Thursday, November 8th, 2012, 07:40
Category: News, security, Software

If you found that your Twitter password was reset, there’s a valid reason for it.

Per CNET and the TweetSmarter blog, an unknown number of Twitter users have received a genuine e-mail from the company warning they should change their password as soon as possible.

In the e-mail, the microblogging company noted: “Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.”

The company did not say in the e-mail that there has been a hack, a breach of data, or anything out of the ordinary, however. At this stage, it’s unclear how many have been affected or what’s caused the mass e-mailing of its users.

A post on Wednesday noted that in some cases when “large numbers of Twitter accounts have been hijacked,” the company sends out these e-mails en masse, even sending messages to accounts that may not have been affected by any hack or hijack to err on the side of caution.

So far, a few high profile accounts have noted interference, including David Mitchell, who said:

“Got an e-mail from twitter telling me that my password had to be changed because they thought my account had been hacked,” adding in another tweet: “So I’ve changed it, but the only evidence of hacking I can find is that my tweet about my Observer column last Sun has disappeared. Weird.”

Stay tuned for additional details as they become available.

Adium updated to 1.5.4

Posted by:
Date: Wednesday, November 7th, 2012, 08:37
Category: News, Software

adiumducky.gif

Adium, the open source instant message chat client with support for multiple programs (including AOL Instant Messenger, ICQ, Jabber, MSN, Yahoo! Google Talk, Bonjour, etc.) has been updated to version 1.5.4.

The new version, a 22.7 megabyte download adds the following fixes and changes:

- Updated the included Growl SDK to 2.0, adding support for Notification Center on 10.8 if Growl is not installed. (#15867)

- Updated libotr to 3.2.1, fixing a security vulnerability.

- Updated libpurple to 2.10.6.

- Changed the default tab switching shortcuts for new users to Control-Tab/Control-Shift-Tab, to match Safari. (#16102)

- Improved disk usage: limit the tracking of the “last seen” time to contacts who are on your contact list.

- Fixed a problem where accepting a group chat invite on Sametime 8.5.1 would crash Adium. (Jonathan Rice and Jere Krischel) (#16114)

- Fixed a problem where accepting a group chat invite on HipChat’s XMPP server would crash Adium. (#16007)

- Fixed a problem preventing Adium from executing Applescripts when Gatekeeper is enabled.

- Added routines to make Secure Transport (on 10.8 and above) work around buggy TLS implementations in certain older XMPP servers. (#16081)

- Updated translations: British English, Czech, Danish (#16196), Dutch (#16220), French (#16207), Italian (#16218), Norwegian (Bokmål) (#16219), Portuguese (Portugal) (#16211), Slovakian (#16194), Turkish.

Adium 1.5.4 is available for free and requires Mac OS X 10.6.8 or later and an Intel-based Mac to run.

If you’ve tried the new version and have any comments, let us know.

Google Chrome updated to 23.0.1271.64

Posted by:
Date: Wednesday, November 7th, 2012, 08:53
Category: News, security, Software

google-chrome-logo

It’s the bug fixes that make a difference.

Late Tuesday, Google released a beta of version 23.0.1271.64 of its Chrome web browser. The update, a 56.5 megabyte download, adds the following fixes and changes:

- Medium CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling. Credit to Phil Turnbull.

- High CVE-2012-5116: Use-after-free in SVG filter handling. Credit to miaubiz.

- [Mac OS only] [149717] High CVE-2012-5118: Integer bounds check issue in GPU command buffers. Credit to miaubiz.

- High CVE-2012-5121: Use-after-free in video layout. Credit to Atte Kettunen of OUSPG.

- Low CVE-2012-5117: Inappropriate load of SVG subresource in img context. Credit to Felix Groebert of the Google Security Team.

- Medium CVE-2012-5119: Race condition in Pepper buffer handling. Credit to Fermin Serna of the Google Security Team.

- Medium CVE-2012-5122: Bad cast in input handling. Credit to Google Chrome Security Team (Inferno).

- Medium CVE-2012-5123: Out-of-bounds reads in Skia. Credit to Google Chrome Security Team (Inferno).

- High CVE-2012-5124: Memory corruption in texture handling. Credit to Al Patrick of the Chromium development community.

- Medium CVE-2012-5125: Use-after-free in extension tab handling. Credit to Alexander Potapenko of the Chromium development community.

- Medium CVE-2012-5126: Use-after-free in plug-in placeholder handling. Credit to Google Chrome Security Team (Inferno).

- High CVE-2012-5128: Bad write in v8. Credit to Google Chrome Security Team (Cris Neckar).

Google Chrome 23.0.1271.64 requires an Intel-based Mac with Mac OS X 10.5 or later to install and run. If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Apple releases Safari 6.0.2 update

Posted by:
Date: Friday, November 2nd, 2012, 07:37
Category: News, security, Software

safarilogo.jpg

You can’t knock a timely security update.

On Thursday, Apple released Safari 6.0.2, an update to its web browser. The new version, a 40.2 megabyte download, includes the following fixes and new features:

- Safari 6.0.2 is a security update for which complete details can be found here.

Safari 6.0.2 requires an Intel-based Mac running Mac OS X 10.7.5 or later to install and run and can also be located and downloaded via Mac OS X’s Software Update feature. If you’ve tried the new version and have any feedback to offer, please let us know.

Mozilla releases Firefox 16.0.2 update

Posted by:
Date: Monday, October 29th, 2012, 06:22
Category: News, Software

elfirefox

Hey, an update’s an update.

And it’s usually a good thing.

Late last week, Mozilla.org released version 16.0.2 of its Firefox web browser. The new version, a 35 megabyte download and adds the following fixes and changes:

- Fixed a number of issues related to the Location object in order to enhance overall security.

Firefox 16.0.2 requires an Intel-based Mac running Mac OS X 10.5 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Mozilla releases Firefox 16.0.1 update

Posted by:
Date: Friday, October 12th, 2012, 07:21
Category: News, Software

elfirefox

Because quick revisions never hurt and Mozilla quickly pulled Firefox 16.0.1, then rereleased the new version after a security hole was plugged.

On Tuesday, Mozilla.org released version 16.0.1 of its Firefox web browser. The new version, a 32.6 megabyte download and adds the following fixes and changes:
- FIXED — 16.0.1: Vulnerability outlined here

- NEW — Firefox on Mac OS X now has preliminary VoiceOver support turned on by default.

- NEW — Initial web app support (Windows/Mac/Linux).

- NEW — Acholi and Kazakh localizations added.

- CHANGED — Improvements around JavaScript responsiveness through incremental garbage collection.

- DEVELOPER — New Developer Toolbar with buttons for quick access to tools, error count for the Web Console, and a new command line for quick keyboard access.

- DEVELOPER — CSS3 Animations, Transitions, Transforms and Gradients unprefixed in Firefox 16.

- DEVELOPER — Recently opened files list in Scratchpad implemented.

- FIXED — 16.0.1: Vulnerability outlined here.

- FIXED — Debugger breakpoints do not catch on page reload (783393).

- FIXED — No longer supporting MD5 as a hash algorithm in digital signatures (650355).

- FIXED — Opus support by default (772341).

- FIXED — Reverse animation direction has been implemented (655920).

- FIXED — Per tab reporting in about:memory (687724).

- FIXED — User Agent strings for pre-release Firefox versions now show only major version (728831).

Firefox 16.0.1 requires an Intel-based Mac running Mac OS X 10.5 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Google Chrome updated to 22.0.1229.92

Posted by:
Date: Tuesday, October 9th, 2012, 06:49
Category: News, Software

google-chrome-logo

You’ve got to hand it to Google: they’re consistent with their updates.

Late Monday, Google released a beta of version 22.0.1229.92 of its Chrome web browser. The update, a 44 megabyte download, adds the following fixes and changes:

- Contains a number of stability fixes, including an issue with multiple profiles on Mac OS X 10.8.2.

- It also contains a fix for text display on the Mac.

Security updates listed below:
- [$1000] [138208] High CVE-2012-2900: Crash in Skia text rendering. Credit to Atte Kettunen of OUSPG.

- [$3133.7] [147499] Critical CVE-2012-5108: Race condition in audio device handling. Credit to Atte Kettunen of OUSPG.

- [$500] [148692] Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur Gerkis.

- [151449] Medium CVE-2012-5110: Out-of-bounds read in compositor. Credit to Google Chrome Security Team (Inferno).

- [151895] Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins. Credit to Google Chrome Security Team (Chris Evans).

Google Chrome 22.0.1229.92 requires an Intel-based Mac with Mac OS X 10.5 or later to install and run. If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Adobe releases Flash Player 11.4.402.287 update

Posted by:
Date: Monday, October 8th, 2012, 08:33
Category: News, security, Software

adobelogo

On Monday, Adobe released Flash Player 11.4.402.287 for Mac OS X, a 11.9 megabyte download via MacUpdate. The new version is for Adobe Flash Player 11.4.402.265 and earlier versions and adds the following fixes and changes:

- Fixes for critical vulnerabilities identified in Security Bulletin APSB12-22.

Flash Player 11.4.402.287 requires an Intel-based Mac running Mac OS X 10.6 or later to install and run.

If you’ve tried the new version and have any feedback, please feel free to hurl your two cents in via the comments.