dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
16
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20 to Cartel

Premium Member

to Cartel

Re: NBC Website Hacked

Mozilla blocked access to nbc.com during the attack (as did Chrome and Facebook). BUT during that window of time before Mozilla began blocking the site, a user with the latest Fx and internal PDF turned on, may have been vulnerable. Plus, not everyone sets their browsers to block reported attack sites. It is not clear to me whether or not Mozilla blocked nbc.com regardless of the user's settings or not.

I have never allowed PDF to be read in a browser. Firefox's internal PDF is using HTML5 so I don't know if it was vulnerable or not to this exploit. Even if not.....what about the next time? I continue to download PDF to disk, scan and THEN open in Evince which is little used on Windows (works great though) so less likely to be attacked by exploits.

»hitmanpro.wordpress.com/ ··· malware/

StuartMW
Premium Member
join:2000-08-06

StuartMW

Premium Member

said by Mele20:

Plus, not everyone sets their browsers to block reported attack sites.

I turned that feature off since it was constantly reporting a (bookmarked) forum site I visit from time to time as an attack site. I looked into it and it was reported because some posts contained links to malware. Since I'm not dumb enough to click on them anyway I turned off the feature.

It was nice of Mozilla to hold my hand though. I felt all warm'n'fuzzy

AVD
Respice, Adspice, Prospice
Premium Member
join:2003-02-06
Onion, NJ

AVD

Premium Member

said by StuartMW:

said by Mele20:

Plus, not everyone sets their browsers to block reported attack sites.

I turned that feature off since it was constantly reporting a (bookmarked) forum site I visit from time to time as an attack site. I looked into it and it was reported because some posts contained links to malware. Since I'm not dumb enough to click on them anyway I turned off the feature.

It was nice of Mozilla to hold my hand though. I felt all warm'n'fuzzy

should have set it up as an exception instead..