Category Archives: Browser exploits

Security patches released by Adobe and Microsoft

Posted on by

Krebsonsecurity posted that BOTH Adobe and Microsoft released patches for “Critical” updates. The term “Critical” when used by Microsoft means “these vulnerabilities could be exploited to fully compromise vulnerable Windows systems without any help from users.” Or in other words, you have no idea that you just got infected with a keylogger and it just sent your username and password for your bank account to Mother Russia.

The worst part about these updates is what they do NOT fix. There is still a well documented security flaw in Internet Explorer 6 through 8 that allows you to easily be infected simply by browsing a website. While MS did give us a “Fix” that helps some of the flaws, it completely ignores others that are widely used today.

Although the XVU Drive supports Adobe Flash, it does not run a Windows based operating system, and runs a “hardened” operating system, making it much harder to infect. Adobe’s issues should not affect XVU Drive users, and the Windows issues will not affect us at all.

Please be sure to run your updates on both Windows and any Adobe products you run, and be sure to use your XVU Drive whenever you access your bank, facebook, email, or any other secure site.

“Ruby on Rails” server exploit

Posted on by

You’re probably asking yourself “Why is XVU telling me about something that happens on a server? I’m not a techie, I don’t run a server, why do I care?” Well, some server exploits are bad enough that they even threaten you as a user of the web. Lemme ‘splain.

ARSTechnica reported an “Extremely critical” bug that “threatens more than 200,000 sites”. 200,000 sounds like a big number, but in the grand scheme of the internet, it’s not that many. However, look at some of the sites that are in that list:

http://www.twitter.com/
http://www.yellowpages.com/
http://www.whitepages.com/
http://www.hulu.com/
http://www.groupon.com/
http://www.scribd.com/
http://www.lumosity.com/
http://www.urbandictionary.com/

and, well, 200,000 more like that.

“Ok, so it attacked a bunch of sites I go to every day. How does that affect ME?!” Well, I’m glad you asked. According to this post “An attacker can execute any ruby code he wants including system(“unix command”).” This means that if the site was exploited, the attacker could infect you just by browsing the site. Perhaps infecting the site with the new Java 0-day exploit and installing a keylogger on your computer.

If you have visited any of the above sites, please be sure to run a thorough virus scan, and be sure to use your XVU Drive to access secure sites until we’re all sure this is thoroughly patched.

Java browser exploit

Posted on by

ARS Technica released an article today describing a “Critical” bug in the widely used Java browser plugin that is being “massively exploited in the wild.”

What this means to you is that if your browser supports Java (which almost all do by default nowadays), and it is enabled, this exploit can allow anyone with malicious intent to install keyloggers (and other software they feel like) onto your computer without your permission, or even knowledge.

According to researchers, this exploit works against ALL versions of Java, so simply making sure you update to the most recent version will *not* help, at least until Java releases a patch to fix this loophole.
In the meantime, you can test to see if your browser currently supports Java with a very helpful site called “Javatester“. If you click the link, and the “Live” version says “This web browser can indeed run Java applets”, then you need to take this issue seriously. If, on the other hand, it says “This web browser can NOTrun Java applets”, then you’re safe from this bug.

If you do have Java enabled on your browser, you can use these steps from KrebsOnSecurity to disable it, or if you’ve been good and kept you Java up-to-date (and are on Version 7 Update 10), you can use these steps to remove it from ALL browsers at once.

The XVU Drive, although susceptible to a similar Java attack, runs on a hardened operating system with only a handful of viruses ever written for it, so even if the Java exploit were run, it would likely not include a virus capable of infecting it. This is just another way that using your XVU drive for secure browsing can protect you from infection.