Security assured as Mozilla and Adobe patches emerge
Nobel Trojan reined in and Shockwave calmed in latest updates.
Rapid action saw Mozilla issue a fix for the flaw exploited on the Nobel Peace Prize website within 48 hours of its discovery. After a week, Adobe has rolled out a patch for Shockwave.
Visitors using Mozilla Firefox browsers to view the Nobel Peace Prize website were alarmed to find that a Trojan had been secreted there. Within two days of receiving a report from Norwegian security firm Telenor, the patch had been issued for versions 3.5 and 3.6 of the browser .
The company has issued a statement that assures users of the Firefox 4 beta that they are safe, even though their browsers had the same flaw.
"Firefox 4 beta users appear safe for the moment," Daniel Veditz, a Mozilla security engineer, blogged.
"The underlying problematic code does exist, but other code changes since Firefox 3.6 seem to be shielding us from the vulnerability."
The Trojan has also been neutralised by Avira, a German security company. The Trojan's links to the hacker's command-and-control servers had been severed, Avira said.
Adobe has also been busy patching a vulnerability that surfaced in Shockwave Player version 188.8.131.522 and earlier for Mac and Windows. Unlike the Firefox vulernability, the Adobe flaw was being targeted by several attacks.
In an advisory issued over a week ago, Adobe warned that an attacker could cause a system crash and take control of any vulnerable system.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now