dailyApps

Reading through my RSS feeds today, I stumbled upon an interesting post over at Neowin entitled “Vista’s Security Rendered Completely Useless by New Exploit” which reports on a new technique that can “bypass all memory protection safeguards that Microsoft built into Windows Vista.”

Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection schemes that have been built into Windows Vista by Microsoft.  These new methods are basically used to get around Vista’s Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections by loading malicious content through a web browser.

Read more…

A Malicious exploit has been discovered in Firefox that would allow a Hacker to use a Malicious JAR file to get access to your Google Account and all your confidential information.

Firefox is falling into some serious trouble over the past few months, with more and more security exploits being discovered and being exploited. The latest threat involves the usage of a malicious JAR file. The flaw is still in the wild and the problem persists with the websites of Major Internet companies that includes Google. Beford.org has found a way to use the JAR exploit to get details of Google Accounts using a Malicious JAR file specially crafted to take advantage of the exploit.

Well I’m going to refrain myself from writing about the Exploit. I have tested this exploit on my own spare Google Account, and I can confirm that this works. Its better be to safe because I’m not sure when exactly is Google and Mozilla planning to patch up the security holes. I suggest you download the NoScript addon for Firefox. Right now NoScript seems to be the only solution. If you are wondering what NoScript is, then here is what its developer has to say about it :

Read more…