Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2010-03-20 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Firefox 3.6.2 to be released March 30

Published: 2010-03-20
Last Updated: 2010-03-23 05:06:18 UTC
by Scott Fendley (Version: 2)
1 comment(s)

In the past month, there has been lots of discussions involving an unpatched security vulnerability in Firefox 3.6.  Unfortunately, there was very limited information released on the vulnerability and much of the discussions revolved around if the reports were real or just FUD.  Mozilla eventually received enough information where they could reproduce the problem and posted an advisory late on 3/18/2010 (yes I know that I missed this being released yesterday, and I blame the NCAA tourney for that). 

In any case, Firefox 3.6.2 is scheduled for release on March 30, but the beta build is available from their nightly candidate area.  More information is located at Mozilla Security Blog. Please schedule some time to test this version and get this into your update pipeline for user workstations.

 

UPDATE Mar 23 2010 05:00:00:  Well, Firefox 3.6.2 has been released early.  The release notes are available at http://www.mozilla.com/en-US/firefox/3.6.2/releasenotes/ .  For those that have distinct testing plans for your workstations, you have the opportunity to engage these plans earlier than expected this week.  Happy patching and testing everyone.

Scott Fendley ISC Handler

Keywords: firefox
1 comment(s)

BitDefender 2010 Update Problem

Published: 2010-03-20
Last Updated: 2010-03-21 00:44:19 UTC
by Scott Fendley (Version: 2)
0 comment(s)

We have started to receive reports this morning concerning a popular consumer antivirus product has caused some grief today.  BitDefender 2010 appears to have released a set of bad definitions.  Unfortunately, these bad virus definitions appear to detect core DLL files and even parts of BitDefender, itself, as infected by "Trojan.FakeAlert.5".  There is quite a thread discussing this issue on the BitDefender Forums.

If you or your organization uses BitDefender, I would heavily recommend that you disable auto-update of the definitions until corrected ones are released soon.  Also, I would recommend preparing to do a lot of hands-on clean up to reverse those files which were quarantined by accident.

Update:  BitDefender has been sharing more information about this incident involving 64-bit architecture via their twitter account.  They point users to their knowledge base for more details on how to recover from this problem.  I hope that beyond the initial response of this major issue,  BitDefender and all antivirus vendors will recheck how they test, do quality assurance, and prepare to use social media as a communication tool for their customers in the case of an emergency.

Scott Fendley ISC Handler

Keywords: bitdefender
0 comment(s)
Diary Archives