Firefox 2.0.0.12 released

11 Feb, 2008  |  Posted by Danesh  |  in Internet, Software
1 Comment

Mozilla has release a new version of the popular Firefox web browser. Version 2.0.0.12.

This release fixes some important security vulnerabilities that were discovered in 2.0.0.11.

MFSA 2008-11  Web forgery overwrite with div overlay
MFSA 2008-10 URL token stealing via stylesheet redirect
MFSA 2008-09 Mishandling of locally-saved plain text files
MFSA 2008-08 File action dialog tampering
MFSA 2008-06 Web browsing history and forward navigation stealing
MFSA 2008-05 Directory traversal via chrome: URI
MFSA 2008-04 Stored password corruption
MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
MFSA 2008-02 Multiple file input focus stealing vulnerabilities
MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)

Download the latest version of Firefox here.

Source: Mozilla

WordPress 2.3.3 released

5 Feb, 2008  |  Posted by Danesh  |  in Software, WordPress
2 Comments


A new security release for WordPress is out. This will be an urgent fix as it attentions a flaw found in the XML-RPC implementation. An attacker could easily exploit this vulnerability and gain the ability to edit user posts.

Besides the fix this release also includes a few bug fixes.

I’ve done my upgrade, have you?

Download the WordPress 2.3.3 here.

Source: WordPress Dev

Upgraded to WordPress 2.3.2

7 Jan, 2008  |  Posted by Danesh  |  in WordPress
3 Comments

I finally upgraded to WordPress version 2.3.2.

Been really tired and busy since coming back from Langkawi last week. Found some time last night so this was the first thing I did.

WordPress 2.3.2 is a security release which fixes a hole that allows attackers to access your drafts and also attain your database structure information through error messages.

Better patch up quick!!

Source: WordPress Dev

Your Gmail Exposed

28 Dec, 2007  |  Posted by Danesh  |  in Internet, hacks
5 Comments

Image taken from DavidAirey

What would you do if someone hacked into your Gmail account and stole valueble information like your user name and passwords?

This happened to David Airey a logo designer from http://www.davidairey.com which is now forced back to it’s secondary URL http://www.davidairey.co.uk. His site was getting about 2000 hits a day. His business cards need to be updated and clients need to be informed.

The attacker managed to leverage a security exploit in Gmail which allowed him to inject a mail filter into Gmail which forwards all mails with attachments to the attacker. The attacker managed to obtain David’s domain account credentials.

During David’s recent holiday to India with his girlfriend, the attacker transfered “www.davidairey.com” to himself and is now holding it ransom till David decides to pay up the ransom fee of USD250 which initially was USD600.

Read the full story here.

My Advice: Google has since fixed this issue but still, make sure to check your Gmail filters. It could just save you your business and loads of time.

What would you do if this happened to you? How can we prevent this?

Firefox 2.0.0.11 released

3 Dec, 2007  |  Posted by Danesh  |  in Mozilla
2 Comments

A new update for Firefox was released just 4 days after the 2.0.0.10 update was made available to the public. The latest update 2.0.0.11 fixes a few compatibulity issues that showed up after upgrading to 20.0.0.10. Nothing serious, just  minor extension issues and website compatibility issues.
Make sure you have the latest version. This will happen automatically but if it does not then get the latest version here.

Source: Mozilla

« Older Entries

Newer Entries »