Results 1 to 2 of 2

Thread: Does Forcefield protect against latest Microsoft IE security flaw?

  1. #1
    bblf Guest

    Default Does Forcefield protect against latest Microsoft IE security flaw?

    I've read in a couple of blogs (latest one in PC World
    today)
    that Microsoft has released info that they have a serious security breach in all versions of IE.
    From pcworld.com "The flaw hides inside the data binding function of the browser and causes IE to quit unexpectedly and reopen vulnerable to prying eyes. "
    Has mostly been used in China to steal gaming passwords but they figure won't be long before someone finds a way to steal financial information.Bottom line - does ForceField protect my pc from this kind of threat?
    I'm running ForceField Version 1.1.82.0

    Software Version:8.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    naivemelody Guest

    Default Re: Microsoft Issuing Emergency Fix for Browser Flaw - for 12-17-08

    Microsoft Issuing Emergency Fix for Browser Flaw by the Associated Press 12-16-08 -&gt; http://www.nytimes.com/aponline/2008...ss&amp;emc=rss - The following excerpts...<hr>
    &quot;Microsoft is taking the unusual step of issuing an emergency fix for a security hole in its Internet Explorer software that has exposed millions of users to having their computers taken over by hackers.

    The ''zero-day'' vulnerability, which came to light last week, allows criminals to take over victims' machines simply by steering them to infected Web sites; users don't have to download anything for their computers to get infected, which makes the flaw in Internet Explorer's programming code so dangerous. Internet Explorer is the world's most widely used Web browser.

    Microsoft said it plans to ship a security update, rated ''critical,'' for the browser on Wednesday. People with the Windows Update feature activated on their computers will get the patch automatically&quot;... <hr>I just manually updated for the ms update KB960714 (there was one ZA Alert I had to allow) and have provided some info for you folks...

    "Security Update for Internet Explorer 7 for Windows XP (KB960714)Date last published: 12/17/2008Download size: 2.4 MBSecurity issues have been identified that could allow an attacker to compromise a system running Microsoft Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart your computer.&quot;

    <hr>

    Well this solves the problem for all of us; defacto. Expect a windows update or manully do so.

    As to your original question, by design it &quot;should.&quot;

    <hr>

    Here is ZoneAlarms 'press release' - http://download.zonealarm.com/bin/fr...008/pr_11.html

    Excerpts...<hr>

    MEDIA ALERT: CHECK POINT'S ZONEALARM FORCEFIELD PROTECTS AGAINST DRIVE-BY DOWNLOAD ATTACKS ASSOCIATED WITH LATEST INTERNET EXPLORER 7 EXPLOIT<p align="center">ZoneAlarm ForceField uses virtualization technology to divert automatic downloads that occur through latest Internet Explorer browser flaw

    REDWOOD CITY, CALIF. December 11, 2008 Check Point
    Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced that Check Point ZoneAlarm ForceField browser security product protects consumers against the drive-by downloads associated with a newly discovered flaw in Internet Explorer 7. By placing a two-way &quot;bubble of security&quot; around the browser, ZoneAlarm ForceField prevents drive-by downloads, unwanted malware and other Web threats from damaging users' PCs or from stealing users' private information.

    Made public a few days ago on Chinese online forums, the Internet Explorer 7 browser flaw affects users running Windows XP Service Packs 2 and 3, Windows Vista, Windows Vista Service Pack 1, Windows Server 2003 Service Packs 1 and 2, and Windows Server 2008. The attack is a typical drive-by download, where hackers infect existing Web sites - or set-up their own rogue Web sites - and then redirect or trick users into going to them. The moment the victim lands on the site, hackers slip malicious software quietly onto the victim's computer through a flaw in the browser or a browser plug-in. The malicious software is often used to commit identity theft, and can silently steal credit card numbers, Web passwords and other sensitive data by secretly logging everything the victim types.

    &quot;When a browser exploit like this is discovered, it's open season against consumers as hackers worldwide lure people to their sites and silently infect them with identity-stealing software the moment they arrive, said Dorit Dor, head of development for Check Point. It's essential to use dedicated browser security technology that not only diverts users from malicious Web sites in the first place, but also provides additional protections should users actually land on the site. ZoneAlarm ForceField's multi-layer security system does just that.

    Built to fight the emerging classes of browser-based attacks, ZoneAlarm ForceField includes additional security layers that augment its virtualization capability including heuristic anti-phishing, site rating, and keylogger jamming among other features. ForceField also includes an optional &quot;Privacy Mode&quot; that erases all personal information from the local PC after a Web browsing session to further protect consumer privacy...







    Message Edited by NaiveMelody on 12-29-2008 09:42 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •