Browser security has become a raging debate these days, with the myriad of plugins and extensions you can install on your computer to customize your internet experience. However plugins like Java, Silverlight, Flash etc. are powerful stuff that if found vulnerable can give hackers multiple attack points targeting a huge audience.
So what Mozilla is trying to do is trying to make plugin management as easy as managing extensions in Firefox is. Though the plugin check page is limited by what it can do at the moment, it will be fully utilized starting Firefox 3.6 to update plugins just like extensions do so now.
For now the scripts on the page will check for installed plugins and compare the version of the installed plugin with the latest version that is available. At the moment some of the plugins supported are (among others) Apple Quicktime, Shockwave Flash, Adobe Acrobat, Java, Silverlight, RealPlayer and Windows Media Player plugins.
Read More
Reading through my RSS feeds today, I stumbled upon an interesting post over at Neowin entitled “Vista’s Security Rendered Completely Useless by New Exploit” which reports on a new technique that can “bypass all memory protection safeguards that Microsoft built into Windows Vista.”
Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc. have discovered a technique that can be used to bypass all memory protection schemes that have been built into Windows Vista by Microsoft. These new methods are basically used to get around Vista’s Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP) and other protections by loading malicious content through a web browser.
Read More