"In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you. It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch. With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening."Users of Firefox do have a safety net with the NoScript add-on. With NoScript, you allow active content to run only from sites you trust.
Users of WinPatrol can help mitigate the effects of the clipboard hijacks by disabling Adobe Shockwave Flash with the ActiveX control in WinPatrol. (See WinPatrol 2008 introduced in its 10th year). To see how simple it is, just follow the illustrations I provided here, use the settings listed below and select disable for Shockwave Flash:
- Only view ActiveX controls used by Internet Explorer
- Toggle non-Microsoft ActiveX controls on/off.
- Adobe Flash ads launching clipboard hijack attack
- Announcing WinPatrol 2008 With ActiveX Control
- Clickjacking: Researchers raise alert for scary new cross-browser exploit
- NoScript Add-On
- NoScript Home Page
No comments:
Post a Comment
Neither spam nor comments containing vulgarities will be approved.