AKS™ – Feel The Change!

    A bug discovered earlier this week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly by S.Berry on milw0rm. Just after three days worth of testing later, Mozilla has pushed out Firefox 3.5.1, with a fix for this error as well as corrections for several other bugs.

    “ Firefox user zbyte reported a crash that we determined could result in an exploitable memory corruption problem. In certain cases after a return from a native function, such as escape(), the Just-in-Time (JIT) compiler could get into a corrupt state. This could be exploited by an attacker to run arbitrary code such as installing malware.”

    The vulnerability was introduced in TraceMonkey, the JavaScript engine used in Firefox 3.5 that actually offers a decent speed boost to the browser. Oddly enough, TraceMonkey was already set to be patched this month by Mozilla, as bugs in the newest engine were listed in a July 1 meeting as the sole topcrash issue for Firefox 3.5. In other words, while vulnerabilities like this are horrible, this one came at a perfect time as developers were already giving TraceMonkey a thorough cleaning.

Features:-

• Super Speed new
  View Web pages way faster, using less of your computer’s memory.
• Anti-Phishing & Anti-Malware improved
  Enjoy the most advanced protection against online bad guys.
• Session Restore improved
  Unexpected shutdown? Go back to exactly where you left off.
• One-Click Bookmarking
  Bookmark, search and organize Web sites quickly and easily.
• Easy Customization improved
  Thousands of add-ons give you the freedom to make your browser your own.
• Tabs improved
  Do more at once with tabs you can organize with the drag of a mouse.
• Instant Web Site ID
  Avoid online scams, unsafe transactions and forgeries with simple site identity.

      I strongly recommend that all firefox 3.5 users upgrade to this latest release. If you already have Firefox 3.5, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting “Check for Updates…” from the Help menu. You can download Firefox 3.5.1 from official Mozilla site.

Download Firefox 3.5.1

         If you want to upgrade your Firefox to the latest 3.5 then think again.

     SBerry released code on Milw0rm, has issued an advisory warning of a memory corruption error in Mozilla’s newest version of Firefox, version 3.5. The vulnerability, if exploited, allows code execution that could lead to system compromise.

       The vulnerability is caused due to an error when processing JavaScript code handling e.g. "font" HTML tags and can be exploited to cause a memory corruption.

Here is SBerry Posted code.

     Secunia is offering advice to Firefox users that until this newest vulnerability is patched, they should avoid untrusted websites and links. However, Brian Krebs took the smart road in his advice on the issue. Krebs, who is a reporter for the Washington Post, advised his users to disable "javascript.options.jit.content" in about:config. This fix has a drawback however, it will lower the rendering speeds of JavaScript, which is one of the major performance improvements in Firefox 3.5. If you are willing to take the trade, then his fix should work fine.

DNS INFORMATION LEAK

     There is another little glitch in firefox that exposes DNS information for users wanting to remain anonymous using proxy settings.

    Tw1zl3r reports that, “The DNS Leak issue in FireFox 3.5 is a BIG BUG because even if you use the about:Config force remote DNS look ups using a proxy the requests are still sent to your local DNS. The local DNS query leaks your web searches out for anyone with a brain cell and WireShark to view a users web query’s in plain text. FireFox 3.5 has the toggle network.proxy.socks_remote_dns option in it but when adding the option in about:Config it does nothing and is all show no go. The setting does nothing and allows DNS to Leak.”

      However, some users who tested his point wonder if the DNS leak has more to do with an add-on than Firefox itself. However, if it is a Mozilla issue, then it would need to be addressed as soon as possible.

[Source]

     The Symantec not to be forgotten amid the release of Kaspersky, Panda and Microsoft Security Essential. On 2 july 09 , Symantec  announced its new line of Beta products.Norton Internet Security 2010 Beta and Norton Antivirus 2010 Beta.

Major Updates:-

• Total Compatibility with Windows 7 .
• Faster.
• Increased power detection system (SONAR 2).
• Protection against malware exclusive.
• New Norton Insight system that identifies trusted applications to speed up the scanning.

     Right now, for me it is difficult to comment, whether Norton Antivirus 2010 or Norton Internet Security 2010 are good, many consume resources or have good power of detection.

    So be the one… try their beta version and don’t forget to share your experience with us via comments.

Note:- After clicking on the download links you will be directed  to a page where it is necessary register before you download.

   There are chances that you get an error message (see below)

    If that the case then you can use US proxy for downloading Norton Beta Products.

Download Norton Internet Security 2010 Beta

Download Norton Antivirus 2010 Beta

Home Page

Enjoy!

       Previously, I’ve shared with you few articles on USB security- how Disable AUTORUN.INF ,USB firewall and ikill. Today I’ve another software to share with you which protects your PC  from USB viruses i.e Naevius USB Antivirus.

     As you know, almost virus, trojan, worms is spreaded from USB storage devices. This is including USB Flash drive, removable hard disk, Memory card, SD, MicroSD, MMC, USB Camera, USB Audio player, Mobile phone, iPod, Iphone etc.

       Other antivirus software should update signature database regularly, and they can not effectively protect offline computer that is not connected to the Internet. When new viruses, worms and other malicious attacks strike, traditional signatures are insufficient. 

   Beside the common antivirus, there is another antivirus that is designed for USB Flash drive and other media based on USB. And its completely free, easy to use and small memory usage.

   Naevius USB Antivirus gives you full freedom for securely using your removable usb drives!

Key features :-

• Protection against any Trojans, spyware, worms via USB storage.
• Compatible with any antivirus resident like for example: BitDefender, Nod32, Kaspersky, AVG, Norton, McAfee, Panda, AVAST etc.
• Protection in realtime with.
• 100% free.

Download Naevius USB Antivirus v1.0

(contains new blog links)

         As you know, on June 23rd 2009 Microsoft released their free security essential Antivirus which is available for download but restricted to only USA, Israel, China and Brazil countries. If you are one of them then you can head over to the official Microsoft download page and get your free Microsoft Security Essentials installed on your system. If not, here is another way to download Microsoft security essential. Before that, take a look into Microsoft Security Essentials .

      The beta version of Microsoft Security Essentials, a free program that fights viruses and spyware. The application, previously code-named Morro, replaces Windows Live OneCare and fights the usual rogues’ gallery of PC threats, including worms, Trojans, and other troublemakers.

      Security Essentials runs on Windows XP, Vista, or Windows 7 (beta or release candidate), and does pretty much what any good anti-malware app should do. It automatically downloads virus and spyware definitions; offers real-time protection that scans downloads and attachments, and looks for suspicious file and program activity; and runs unattended scans at a time that works best for you.

      The program’s interface is clean, uncluttered, and non-threatening to users. You can give it a try

     Download Microsoft Security Essential Software

     For the specified countries – USA, China.. can download MS security essential from the official page where you have to sign up (if you haven’t) and complete the survey to download your copy of this Antivirus. 

      For other countries – Softpedia is one of the biggest freeware site allowing free download from various servers. Move on to the download link of Softpedia, choose the version (Windows XP or Windows Vista) and you are ready to download in couple of seconds.

Enjoy!