Browser fight continues : CHROME continues topping too!!!

1.    Not long back we all have seen or might have experienced when violent and pornographic images were fed across facebook profiles of FB friends without the knowledge of the online FB user when he used to simply click on a tempting link!!!!All that happened owing to so many malwares but the exact launching vulnerability was indeed in the BROWSER!!!!!

2.    The openweb is full of options for seemingly good browsers viz Mozilla Firefox, Google Chrome, and Microsoft’s Internet Explorer. But who is the best?.....though when u google u find so may individual claims but third party tests are always welcome on such issues...specially when they have huge evidence to support....like few years back I posted on ACID3 test for the browsers...this one comes from Accuvant...and its actually huge in terms of a conclusive report that's 139 pages in toto......:-)

3.   The full report can be accessed by clicking here...so the Accuvant study revealed that Chrome ranks as the most secure web browser when compared to Internet Explorer and Firefox. Interestingly, German government named Chrome the most secure browser, perhaps lending weight to the study. 

4.   The criteria to test these browsers included factors like ASLR,GS,Sandboxing,JIT Security etc as shown below :

(CLICK ON THE IMAGE TO ENLARGE)

5.   Please google if you wish to know the criteria factors mentioned above in the image.Thanks http://www.accuvant.com/

How to find windows product key : Product Key Decryptor

1.   Have you ever found yourself in a position when a genuine Windows OS key is required!!!!This tool will be useful if you have ever lost your product CD Key or you have to reinstall the product again.The nae of the product is Product Key Decryptor that's a  FREE software to instantly recover License Keys of popular Windows products.The supported list of software's of which the keys can be extracted is shown below :

Microsoft Windows NT

Microsoft Windows XP

Microsoft Windows Vista

Microsoft Windows Server 2003

Microsoft Windows Server 2008

Microsoft Windows 7

Microsoft Windows 8

Microsoft Office 2003

Microsoft Office 2007

Microsoft Office 2010

Visual Studio 2005

Visual Studio 2008

Visual Studio 2010

Visual Studio 2012

Internet Explorer 6

Internet Explorer 7

Internet Explorer 8

Internet Explorer 9

Internet Explorer 10

VMWare Workstation 6.x

VMWare Workstation 7.x

VMWare Workstation 8.x

VMWare Workstation 9.x

2.    It automatically detects and decrypts the license/CD key of all the supported products from your system. Currently it can recover License key of few popular products including Windows Operating System, Microsoft Office, Visual Studio, Internet Explorer, VMWare Worktation. The best thing about this is FREE...now though nothing is free in this world...it may be having its own repercussions in the background

 :-) Here are the main features & benefits: 

-  Instantly decrypt and recover license/CD keys of popular Products

-  Simple & elegant GUI interface makes it easy to use.

-  Right click context menu to quickly copy the Product License Key

-  Sort feature to arrange the displayed passwords

-  Backup the the recovered Product Keys to HTML/XML/TEXT file.

-  Integrated Installer for assisting you in local Installation & Uninstallation.

3.  The product can be downloaded at http://securityxploded.com/product-key-decryptor.php

Internet Explorer : Vulnerable as always!!!

1.   Microsoft IE vulnerability CVE-2012-1889 is the latest to generate interest amongst avid cyber security readers. The special thing about this vulnerability is that it focusses on users using Gmail, MS Office and Internet Explorer. And the sad thing is that this is still a ZERO day exploit...... Rapid 7,Security software company,explains the vulnerability as follows:

“This is an uninitialized memory bug found in MSXML. According to Microsoft, such a component can be loaded from either Internet Explorer and Microsoft Office. This vulnerability is rumored to be “state-sponsored”, and what makes it really critical is it’s still an 0-day hijacking Gmail accounts. That’s right, that means if you’re using Gmail as well as Internet Explorer or Microsoft Office, you’re at risk. We expect this vulnerability to grow even more dangerous since there’s no patch, and it’s rather easy to trigger.”

2.    Whatever may say...majority of the users still by default keep using IE across the globe....when I see my own blog stats,about 60 % of the visitors use IE...and as we all keep seeing the exponential growth in the users of internet across the globe....but sadly the awareness level of how vulnerable they all are is unknown and is growing at a similar rate!!!

3.    Got the reference from here.Thanks https://community.rapid7.com.

CONTROL COOKIES TAKING CONTROL FROM UR BROWSERS

1.  In my earlier post here about cookies and types,I had mentioned about types and some relevant details.Now this one mentions about the steers and control available in prominent browsers to disable cookies digging into ur privacy !!!

Google Chrome

Go to 'Tools Menu'

Click on 'Options'

Click on 'Under the Hood'

'Cookie Setting' should be selected. Once done select 'Block all Cookies'

Now all cookies should be blocked on your Google Chrome

To clear existing cookies:

Go to 'Tools Menu'

Click on 'Options'

Click on 'Under the Hood'

Under 'Privacy' section select "Show Cookies'

A new window should open called 'Cookies' In here you can see all the cookies within your Google Chrome Browser.

Click on "Remove All" to remove all traces of cookies

If you wish to only remove a certain cookie, simply highlight and click "Remove"

Firefox

Go to 'Tools' in the menu bar

Click on 'Options'

Click on 'Privacy Tab'

Disable the box that says 'Accept Cookies From sites'

To clear existing cookies:

Go to 'Tools' in the menu bar

Click on 'Options'

Click on 'Privacy Tab'

Click on "Clear Now"

Select "Cookies"

Click on "Clear Private Data Now"

Internet Explorer (IE) 9.0+

Go to 'Tools' in the menu bar which should drop down then click on 'Internet Options'

Click on 'Privacy' Tab on top

Move the slider up to the 'Block all Cookies' button

Important Notice: Blocking all cookies may prevent you from entering alot of sites.

The next two Internet Explorer privacy levels, High and Medium High, may be more suitable.

To delete existing cookies:

Go to 'Tools' in the menu bar which should drop down then click on 'Internet Options'

Click on 'General' tab which should be under 'Browsing History' and click 'Delete'

2.  Thanks http://www.allaboutcookies.org

IE users stand vulnerable again : Warning from MICROSOFT

1. This one is a real eye (....or more simply account) opener of so many IE Web browser users across the globe and this one comes straight from the horses mouth....ie MICROSOFT which has warned that the approx 900 million users of its Internet Explorer Web browser are at risk of having their computers commandeered and their personal information stolen by hackers.Microsoft has issued a 'critical' security alert over a newly-disclosed flaw that impacts all versions of the company's Windows operating system, including Windows XP (SP3), Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008 (R2).

2. The trouble is meant primarily for users of IE only since no other major web browser available supports MHTML files.Microsoft also adds that the bug is inside Windows, (else who is going to use IE??????).Till date/hr as of now no hackers have been reported to exploit the vulnerability. 

3. An attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicks that link, the malicious script would run on the user's computer for the rest of the current Internet Explorer session.Such a script might collect user information (e.g. email), spoof content displayed in the browser, or otherwise interfere with the user's experience.

4. For the otherwise already loosing users at a quick pace,this release would pacen up the loosing percentage of IE users across.

5.   Thanks http://www.smh.com.au