Skip to Main ContentSkip to Footer
Threat Analysis

Browser Based Vulnerabilities: "Month of Browser Bugs" (MoBB)

July 5, 2006

  • Date: July 5, 2006

Summary

The developers of the Metasploit project have announced that they will release one vulnerability per day in popular web browsers during the month of July as part of a "Month of Browser Bugs (MoBB)" initiative.

Scope

Multiple web browsers are affected including the latest versions Internet Explorer, Firefox, Safari, and potentially other web browsers.

If a vulnerability is used to compromise a web browser there could be significant impact to the end-user including losing personal information. Successful exploitation of a remote code execution vulnerability can allow an attacker complete access to the system which can lead to a larger network compromise, loss of sensitive materials, and other adverse impacts to business operations. These types of vulnerabilities are widely used by phishers and malicious software ("malware") developers to surreptitiously install spyware or bypass security measures.

Detailed Research Analysis

These browser-based vulnerabilities are being discovered using a technique known as fuzzing that involves developing pseudo-random permutations of input. Although fuzzing is not a new technique for discovering vulnerabilities, the application to web browsers is relatively new. The "Month of Browser Bugs (MoBB)" initiative has amassed a large number of vulnerabilities in many popular web browsers through purpose-built web browser fuzzing tools. They have pledged to release vulnerability per day for the month of July. In addition they have made the tools used to find these vulnerabilities available for anyone to use.

Protection/Response

Although no specific incidents of the discovered vulnerabilities have been used in malware at this time, SecureWorks Research is working to proactively monitor and develop countermeasures for new vulnerabilities and exploits as details become available. Secureworks will be actively monitoring for exploitation of these vulnerabilities and will update this alert as more information is available.

Additionally, vendor notifications have taken place. While vendor responses are pending, no specific browser patches have been made available at the time of publication.

Recommendations

Good security practices should be observed including timely patch management practices as soon as remediation information is made available from your browser developer/vendor.

References

ABOUT THE AUTHOR
COUNTER THREAT UNIT RESEARCH TEAM
Secureworks Counter Threat Unit™ (CTU) researchers frequently serve as expert resources for the media, publish technical analyses for the security community, and speak about emerging threats at security conferences. Leveraging Secureworks’ advanced security technologies and a network of industry contacts, the CTU™ research team tracks threat actors and analyzes anomalous activity, uncovering new attack techniques and threats. This process enables CTU researchers to identify threats as they emerge and develop countermeasures that protect customers before damage can occur.
Revenir aux blogs

ESSAYEZ TAEGIS DÈS AUJOURD'HUI !

Voyez par vous-même : Demandez votre démo pour voir comment Taegis peut réduire les risques, optimiser les investissements de sécurité existants et pallier la pénurie de talents.