drive-by download

A Federal Judge acceded to a request from the U.S. Attorney’s Office to extend the operation of Domain Name System servers that are the last lifeline to the Internet for hundreds of thousands of machines infected by the DNSChanger malware, following a bust of the group controlling the infected machines in November.

Mozilla has released a new version of its flagship Firefox browser to fix 10 vulnerabilities that put Web surfers at risk of code execution attacks.
The Firefox 3.5.3 update — available for Windows, Mac and Linux users — patches security holes that could allow drive-by download attacks if a user simply surfs to a booby-trapped Web site.

There is a widespread attack underway against an unpatched vulnerability in the Msvidctl DLL, with attackers using thousands of newly compromised Web sites to exploit victims’ PCs via drive-by downloads. The attacks are using Internet Explorer as the attack vector and are pushing a Trojan downloader onto compromised machines.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.