The costs of running this huge site are paid for by ads. Please consider registering and becoming a Supporting Member for an ad-free experience. Thanks, ECF team.

Warning - Freak vulnerability on ecommerce

Discussion in 'Computer Security' started by rolygate, Mar 7, 2015.

Thread Status:
Not open for further replies.
Image has been removed.
URL has been removed.
Email address has been removed.
Media has been removed.
  1. CMD-Ky

    CMD-Ky Ultra Member Verified Member ECF Veteran

    Supporting member
    Sep 15, 2013
    KY
    Firefox 36.01 with Kapersky passes.
     
  2. rolygate

    rolygate Forum Manager Admin Verified Member ECF Veteran

    Supporting member
    Sep 24, 2009
    ECF Towers
    Sure, go ahead.

    I'm not sure how critical this alert is but fixing it can't hurt.
     
  3. Shawn Hoefer

    Shawn Hoefer ECF Guru Verified Member ECF Veteran

    Supporting member
    Jan 21, 2015
    Arkansas Ozarks
    Incorrect. I've tested opera, chrome, and the default android browser that is installed on my Galaxy Note 4 -all latest versions - all fail.
     
  4. Stosh

    Stosh Vaping Master ECF Veteran

    Oct 2, 2010
    Nevada
    Mobil browsers are a special case, they seem to be the least patched and most often vulnerable.
     
  5. rolygate

    rolygate Forum Manager Admin Verified Member ECF Veteran

    Supporting member
    Sep 24, 2009
    ECF Towers
    As far as we know, this can only happen if you are running an A/V with its own proxy, such as Avast with the Web Shield turned on. Otherwise all the data so far including the security people's advice on browsers / OS / devices is wrong.

    If you have no antivirus then this looks like a first. If you have Avast then update it (latest patch fixes the issue) or turn off the Web Shield. But - check the browser / OS list first, if your combo is listed as a fail, then that is the answer.
     
  6. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    Ensure you're installing the latest version from Google Play. If you're installing from the provider, it's not going to be up to date.
     
  7. QueenMaster

    QueenMaster Senior Member ECF Veteran

    Nov 25, 2013
    west central, Illinois
    Thank you Roly for posting this including the Avast info. After I turned web shield off both my Firefox and Chrome passed. So I can confirm that the Avast web shield also affected my Chrome browser.
     
  8. DreamWithin

    DreamWithin
    Moderator
    Verified Member ECF Veteran

    Supporting member
    Jun 15, 2012
    New England
    Make sure you update Avast to the latest version, then you can leave your web shield on :)

    For some reason, the most current version was not automatically applied for me even though released almost a week ago, I had to manually run the update. So even if Avast says you're all up to date, open it up and choose "Settings" and then "Update" in the menu to see if you actually have the latest version (2015.10.2.2214)

    EDIT: note that that version number was taken from the paid version. I'm not sure if there are any differences in version numbers for the free one
     
  9. Shawn Hoefer

    Shawn Hoefer ECF Guru Verified Member ECF Veteran

    Supporting member
    Jan 21, 2015
    Arkansas Ozarks
    I always use google Play.

    Firefox for Android does not seem to be affected.
     
  10. oplholik

    oplholik ECF Guru Verified Member ECF Veteran

    Internet Explorer Patch available now — Security advisory

    Just downloaded the patch, and now I get "Page cannot be displayed" instead of the "Vulnerable"
     
  11. Nermal

    Nermal Ultra Member ECF Veteran

    Jun 8, 2013
    Farmington, NM USA
    Sadness. I don't think XP is supported any longer.
     
  12. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    It isn't, and really should not be used to access anything on the Internet.
     
  13. DreamWithin

    DreamWithin
    Moderator
    Verified Member ECF Veteran

    Supporting member
    Jun 15, 2012
    New England
    XP was officially obsolete and no longer supported by MS as of April 2014. Any vulnerabilities that were present at that time (and any discovered afterward) are unlikely to be addressed
     
  14. fogging_katrider

    fogging_katrider Super Member Verified Member ECF Veteran

    Oct 31, 2013
    Tennessee USA
    [edited]

    Thanks for the heads up Roly :)
     
  15. Sgt. Pepper

    Sgt. Pepper Vaping Master Verified Member ECF Veteran

    The update from microsoft today fixed the vulnerability of IE.
     
  16. MacTechVpr

    MacTechVpr Vaping Master Verified Member ECF Veteran

    Supporting member
    Aug 24, 2013
    Hollywood (Beach), FL
    Thanks for the test link roly.

    LB, Apple's update is live on the Apple Store page.

    Good luck all.

    :)
     
  17. Katya

    Katya ECF Guru Verified Member ECF Veteran

    Supporting member
    Feb 23, 2010
    SoCal
    I'm getting an SSL connection error.

    I guess it's good news? :facepalm:

    Thanks Roly!
     
  18. mightymen

    mightymen Ultra Member ECF Veteran

    Nov 22, 2012
    Over there
    Just checked it out again and my Android tablet is secure today.
     
  19. DC2

    DC2 Tootie Puffer Verified Member ECF Veteran

    Jun 21, 2009
    San Diego
    What did you do to fix the problem?
     
  20. mightymen

    mightymen Ultra Member ECF Veteran

    Nov 22, 2012
    Over there
    It updates when needed and I guess that's what happen because this morning I checked with the test link and it was good to go.

    Android 4.2
     
Thread Status:
Not open for further replies.

Share This Page