Language Selection

English French German Italian Portuguese Spanish

How To Stop Firefox Clickjacking Exploit Attack

Filed under
Security

Really scary exploit attack in wild, which affects all browsers under any desktop operating systems including MS IE, Linux, Apple safari, Opera, Firefox and Adobe flash. Any website that uses CSS, flash and IFRAME (used to serve ads) can be used to attack on end users. Attacker is able to take control of the links that your browser visits. From the article:

In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you. It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch. With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.

According to victims on several Web forums, the attack is coming from Adobe Flash-based advertising on legitimate sites — including Newsweek, Digg and MSNBC.com.

How do I stop Clickjacking under Firefox?




More in Tux Machines

today's leftovers

Linux Development and LinuxCon

  • Linus Torvalds says GPL was defining factor in Linux's success
    Linus Torvalds and Dirk Hohndel, vice president and chief of open source at VMware, discussed the role that GNU GPL played in the success of Linux during a keynote conversation this week at LinuxCon NA in Toronto. Hohndel, who has been involved with the kernel for a very long time, said that during the past 25 years there have been many challenges, and one of the biggest challenges was the possibility of fragmentation. "How do we keep one single kernel?" he asked. "I used to be worried about fragmentation, and I used to think that it was inevitable at some point," said Torvalds. “Everyone was looking at the history of Linux and comparing it with UNIX. People would say that it’s going to fail because it's going to fragment. That's what happened before, so why even bother?" What made the difference was the license. "FSF [Free Software Foundation] and I don't have a loving relationship, but I love GPL v2," said Torvalds. "I really think the license has been one of the defining factors in the success of Linux because it enforced that you have to give back, which meant that the fragmentation has never been something that has been viable from a technical standpoint."
  • Making Use Of eBPF In The Mainline Linux Kernel
    One of the exciting innovations within the Linux kernel in the past few years has been extending the Berkeley Packet Filter (BPF) to become a more generalized in-kernel virtual machine. The eBPF work with recent versions of the Linux kernel allow it to be used by more than just networking so that these programs can be used for tracing, security, and more.
  • Linux turns 25 with a brilliant history
    Chances are, you use it every day. Linux runs every Android phone and tablet on Earth. And even if you’re on an iPhone or a Mac or a Windows machine, Linux is working behind the scenes, across the Internet, serving up most of the webpages you view and powering most of the apps you use. Facebook, Google, Pinterest, Wikipedia—it’s all running on Linux. Now, Linux is finding its way onto televisions, thermostats, and even cars. As software creeps into practically every aspect of our lives, so does the OS designed by Linus Torvalds.
  • Intel Lost Another Open-Source Driver Developer To Google Earlier This Summer
    There was another long-time Intel open-source Linux graphics driver developer that left the company earlier this summer and is now working at Google on the Chrome/Chromium OS graphics stack. Among the notable departures in the past few months from Intel's Open-Source Technology Center were Jesse Barnes, Wayland-founder Kristian Høgsberg, and Dirk Hohndel and apparently others that went under the radar or outside of our area of focus. Another graphics driver developer no longer at Intel is Chad Versace.
  • OpenGL ES 3.1 For Haswell Lands With Intel's Mesa Driver