0-day bug detected in Firefox 3.5 & 3.6
By SiliconIndia | Thursday, 28 October 2010, 19:20 Hrs
Some high-profile websites, including the Nobel Prize webpage, were compromised by iFrame injections which led the users towards the exploit.
The former differs from one version of the browser to another and is aimed at triggering the exception in the browser, while the latter is identical for every version of the navigator and will execute the malicious file. If the user reaches the compromised page using a different browser or a Firefox version that is not vulnerable, the script will redirect the user to an about:blank page.
Successful exploitation will download a file called svchost.txt, an infected binary file that will be subsequently renamed as svchost.exe and executed on the victim computer. This specific piece of malware is detected as Backdoor.Belmoo.A, and allows a remote attacker to take control over the infected system.
Firefox has also issued an update from 3.6.11 to 3.6.12 which is no longer vulnerable to this type of exploit. In order to stay safe, you are advised to update your browser and your local antivirus solution. BitDefender antivirus blocks access to the malformed web page before it gets to execute any code.
Experts on SiliconIndia
Post your Comment
All form fields are required.