Members daklander Posted November 30, 2007 Members Share Posted November 30, 2007 From Bit9 1. Yahoo! Messenger 8.1.0.239 and earlier 2. Apple QuickTime 7.2 3. Mozilla Firefox 2.0.0.6 4. Microsoft Windows Live (MSN) Messenger 7.0, 8.0 5. EMC VMware Player (and other products) 2.0, 1.0.4 6. Apple iTunes 7.3.2 7. Intuit QuickBooks Online Edition 9 and earlier 8. Sun Java Runtime 1.6.0_X 9. Yahoo! Widgets 4.0.5 and previous 10. Ask.com Toolbar 4.0.2.53 and previous Link to comment Share on other sites More sharing options...
Members spokenward Posted November 30, 2007 Members Share Posted November 30, 2007 Am I wrong in thinking that a stinking ActiveX control is part of most of these? (or can somebody who has actually done the reading point the way? :poke: ) like this one for the EMC - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5438 I don't choose to install many ActiveX apps. Link to comment Share on other sites More sharing options...
Members blue2blue Posted November 30, 2007 Members Share Posted November 30, 2007 ActiveX controls are a big malware/infection vector. Because they're designed to be convenient -- they're also convenient for the black hats. For everyday browsing, I use FireFox -- and now that browser hijack exploits that can take over Safari and Firefox as well as IE are common in the wild, I also use the NoScript add-in for Firefox. I'm happy to say that, so protected, I sailed without incident through HC's brief but somewhat unnerving bout of hijack attempts -- I never even saw a pop up. (I allow top-level access for hamony-central.com itself but do not allow script access for any associate domains/advertisers/etc, even Akamai.net, who HC use for caching some content. It slows down page refreshes. Big deal. I can easily live without that half-second or so extra.) Link to comment Share on other sites More sharing options...
Members Li10 Posted November 30, 2007 Members Share Posted November 30, 2007 I also use Noscript and it blocks anything that isn't from the website's domain (i only half-know what i'm talking about here, ok) if you tell it to. It's pretty damn good. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.