Hello and welcome to the CERTStation Podcast for the 12th week of 2010. I am Jay Johnson and these are the headlines:

Users are demanding refunds from an antivirus vendor after it released a few updates which crippled their PCs (pause)
To fight scammers, Russia has started to crack down on .ru domain while
Mozilla Firefox 3.6 addresses a highly critical vulnerability (pause)
Australia's government has now started filtering the Internet and finally
Some details from the CanSecWest Conference about Pwn2Own 2010 Contest

And now for this week's newswire details
Some customers stranded by a flawed BitDefender antivirus update that crippled their computers have demanded refunds and compensation for money spent fixing their PCs, according to messages on the company's support forum. The Saturday update quarantined hundreds, sometimes thousands, of legitimate files on Windows 64-bit systems, including those with .exe and .dll extensions, making it impossible to boot affected computers once they had been powered off. BitDefender acknowledged the problem the same day, and released a patched update and workaround instructions Sunday. Among the workarounds was a complicated procedure that required users to download a repair disk and burn it to a CD or DVD that would then be used to boot the PC so that the owner could reverse the rogue quarantining of critical files. Earlier in the day, the company had advised users to disable the BitDefender antivirus module and wait for a new definition update, which is supposed to correct the problem.

(pause)
The organization that administers Russia's .ru top-level domain names will soon begin verifying the identity of its customers in an attempt to crack down on cybercrime, according to reports. Starting April 1, Russia's Coordination Center for will require individuals and businesses applying for a .ru domain address to provide a copy of a passport or legal registration papers. According to many in computer security and US law enforcement circles, Russia is a haven for cyber crooks because it is so hard to bring criminal charges in that country. As a result, spammers, malware scammers and other online criminals often operate with near impunity there. The new .ru registration requirements will make it harder for criminals to take out domains under fake identities. At the very least, it will make the process more expensive and time-consuming. China, which has also been criticized for being a haven for online crime, imposed similar requirements in December.

(pause)
Mozilla has plugged a critical unpatched cross-platform vulnerability in Firefox a week ahead of its previously announced schedule. Firefox 3.6.2 fixes a flaw first discovered by security researcher Evgeny Legerov last month, and confirmed by Mozilla last week. The zero-day vulnerability - now identified as an integer overflow flaw involving the WOFF font decoder used by the latest version of Firefox - created a means for hackers to distribute malware via drive-by download attacks from maliciously constructed sites, providing vulnerable marks were using Firefox version 3.6. Early versions of the open source browser do not use the vulnerable WOFF decoder technology, and are therefore immune from the bug. Possibly prompted by this slap in the chops, Mozilla released a full version of the latest version of the browser on Monday night. An absence of problems related to the beta version of 3.6.2 in the four days since its release cleared the passage for the release of the update to the open source browser.

(pause)
Google, Microsoft and Yahoo are among many high-tech companies that have objected to the Australian government's plan to begin filtering Internet content. 147 comments were submitted to the government on its proposal to begin blocking certain Web sites - particularly those that present harm to children. From the text of its website, the IIA is an Australian industry body which aims to promote laws and initiatives which enhance access, equity, reliability and growth of the internet. Or, in much punchier words, to build a faster, safer, fairer, more trusted internet in Australia. The IIA's proposals are quite different. The IIA, and those who support the initiative, recognize that significant de-zombiefication can be achieved without monitoring, tracking, clean-feeding, filtering, sniffing, deep packet inspection or any other buzzwords which reek of privacy violation.

(pause)
A pair of European researchers used the spotlight of the CanSecWest Pwn2Own hacking contest here to break into a fully patched iPhone and hijack the entire SMS database, including text messages that had already been deleted. Jumping through a series of anti-exploit roadblocks, Dutch hacker Peter Vreugdenhil pulled off an impressive CanSecWest Pwn2Own victory here, hacking into a fully patched 64-bit Windows 7 machine using a pair of Internet Explorer vulnerabilities. For the third year in a row, Charlie Miller has hacked into a MacBook by exploiting a critical Safari browser vulnerability. At the CanSecWest Pwn2Own hacker contest here, Miller performed a clean drive-by download against Safari to get a full command shell on the MacBook.

If you enjoyed this podcast, why not visit CERTStation.com and check out our free Internet Security Dashboard? In the meantime this is your host Jay Johnson wishing you a safe and secure week.