The costs of running this huge site are paid for by ads. Please consider registering and becoming a Supporting Member for an ad-free experience. Thanks, ECF team.

Warning - Freak vulnerability on ecommerce

Discussion in 'Computer Security' started by rolygate, Mar 7, 2015.

Thread Status:
Not open for further replies.
Image has been removed.
URL has been removed.
Email address has been removed.
Media has been removed.
  1. Just Me

    Just Me Super Member ECF Veteran

    Mar 4, 2010
    Windows XP here. My IE is VULNERABLE, my Google Chrome is not. Thanks, Roly!
     
  2. jwbnyc

    jwbnyc Vaping Master Verified Member ECF Veteran

    Supporting member
    Mar 4, 2014
    Chrome has the patch already. Running that while waiting for the others to catch up.
     
  3. rowsley

    rowsley Ultra Member

    Jan 26, 2015
    Celina, Ohio
    Would hope they have a fix for android soon.
     
  4. Stosh

    Stosh Vaping Master ECF Veteran

    Oct 2, 2010
    Nevada
    My Chrome passed the test, as is, no patching necessary...:)

    edit -- Firefox, Pale Moon and Sea Monkey also passed, IE..not so much
     
  5. DavidOck

    DavidOck ECF Guru ECF Veteran

    Supporting member
    Thanks for the heads up!

    FF36.01 here on Win 7.1 - and came in vulnerable! Reading the freakcheck site, disabled Avast webshield and passed.

    Looked into the latest program (not definition) version update of Avast, and was due for an update. Updated Avast to latest program version and all's good with it's web shield running.

    While they state Firefox is not vulnerable, it pays to check. Your AV program may "intercept" the https calls, and if it's vulnerable an impervious browser won't help!
     
  6. Sgt. Pepper

    Sgt. Pepper Vaping Master Verified Member ECF Veteran

    I changed over to FF from IE and my system passed.:)
     
  7. rolygate

    rolygate Forum Manager Verified Member ECF Veteran

    Supporting member
    Sep 24, 2009
    ECF Towers
    @DavidOck
    Thanks - post #1 updated with Avast web shield info.
     
  8. catlady60

    catlady60 Ultra Member Verified Member ECF Veteran

    Nov 14, 2013
    Nazareth, PA
    Windows 7 here. My IE was shown to be vulnerable, but Firefox returned the error message, "Secure Connection Failed".

    Which means one thing: I'm doing my online vapemail shopping with Firefox. I don't use IE except to play games on Pogo.
     
  9. Papa_Lazarou

    Papa_Lazarou MKUltra Member Verified Member ECF Veteran

    Chrome on OSX failed to connect (that is, passed the test).
     
  10. DC2

    DC2 Tootie Puffer Verified Member ECF Veteran

    Jun 21, 2009
    San Diego
    Thanks for the heads-up!

    Windows 8.1 my Google Chrome passed, Internet Explorer did not.
    Thankfully, I don't use Internet Explorer unless I have to.
    :)
     
  11. Jerms

    Jerms Vaping Master ECF Veteran

    Jan 1, 2011
    Fargo
    My Android phone showed vulnerable. I use the default Android browser, not sure if it can be patched as I've never seen an update for it. I'll search for what I can do, but if someone already knows I'd appreciate it!
     
  12. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    If you can install the latest version of Chrome, you should be OK.
     
  13. Jerms

    Jerms Vaping Master ECF Veteran

    Jan 1, 2011
    Fargo
    Thanks, I have Chrome so just need to update it. I have it, but I don't like it :) If i browse with my default Android browser but do online orders from Chrome I should be safe from the freak attack right?
     
  14. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    Bear in mind, this affects ANY https connection. Whether it be with your email account, shopping cart, etc. Any secure communication using https is affected by this bug.

    It's unknown whether Google will address the default browser issue on Android. And if your phone is locked into a provider, you're also at their mercy as to when they'll push a patch. If Chrome isn't to your liking, I do believe FireFox makes a "droid" version as well.
     
  15. Jerms

    Jerms Vaping Master ECF Veteran

    Jan 1, 2011
    Fargo
    Thanks, good to know. Seems the best idea will be to use a different browser all together. I can check my my default browser periodically with that link to see if it's patched.
     
  16. Rickajho

    Rickajho ECF Guru Verified Member ECF Veteran

    Apr 23, 2011
    Boston MA
    Bumping this - 'cause it's important.
     
  17. fractalsauce

    fractalsauce Full Member Verified Member

    Feb 23, 2015
    Jacksonville, FL
    Thanks for the heads up! I too have FF and Avast, and initially the test failed. Once I turned the web shield off, I passed. Just updated Avast, but a reboot is required. Let's see if I can turn the Web Shield back on after reboot...

    EDIT: It works! I mean doesn't! I mean the page doesn't load so I'm safe! Yay!
     
  18. Rsunderl

    Rsunderl Ultra Member Verified Member ECF Veteran

    Chrome on my android (latest version from the Play Store) is still vulnerable. I installed Firefox, and that one isn't vulnerable - it passes the tes by failing to load the page.

    Thanks, Roly!
     
  19. X6X8

    X6X8 Senior Member Verified Member ECF Veteran

    Aug 7, 2013
    Paris, Tx, USA
    Thank you SO much. Running Firefox and Avast. Tested Vulnerable. Closed Avast web shield. Passed the test. Updated Avast. Turned web shield on. Re-ran test. Passed!! Updated Firefox just to be sure. Re-ran test again. Passed!

    Like many of you probably do, I purchase online daily. I'm So glad I saw this thread. Thanks again Roly!
     
  20. X6X8

    X6X8 Senior Member Verified Member ECF Veteran

    Aug 7, 2013
    Paris, Tx, USA
    Roly, would you mind if I shared your post information with my Facebook family? This info should be broadcast on News Channels for everyone to see.
     
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice