CyberThreats Daily: New graphics engine imperils users of Firefox and Chrome

Experts are advising users of the Mozilla Firefox and Google Chrome browsers to disable a recently added graphics engine that can be exploited to take control of end user computers.

The web standard known as WebGL opens the browsers to serious attacks, including the remote execution of malicious code. The technology made its debut in version 9 of Chrome and was added to the recently released Firefox 4. WebGL is also present in builds of Opera and Apple’s Safari. Full story on The Register.

David Harley, senior research fellow at ESET

CIPAV Spyware: Hiding in Plain Sight?

CIPAV, the “Computer and Internet Protocol Address Verifier” spyware apparently used by the FBI to monitor activity on the computers of suspects, may not seem the hottest news item around, but the Electronic Frontier Foundation (EFF) has noted some significant updated information about CIPAV recently. Read ESET researcher David Harley’s look into it.

The co-evolution of TDL4 to bypass the Windows OS Loader patch (KB2506014)

In our previous blog post, we described how the latest Microsoft Security Update modified the Windows OS loader (winloader.exe) to fix a vulnerability that allowed the loading of unsigned kernel-mode drivers. This vulnerability was used by TDL4 to bypass the code-signing policy and load its unsigned driver. However, an updated version of the TDL4 bootkit was released last week to work around this patch: modifications in the ldr16 component of TDL4 restore its ability to successfully infect the x64 architecture. See full article by Pierre-Marc Bureau.

