Today several computers at our location have had access to the Wiggio shared calendar website blocked by Avast.
The warning is attached. It’s from a Firefox session on Win 7 but it also occurs in IE on Win XP.
This is definitely a legitimate website, used by several people. This problem did not occur before today.
I certainly do not want to tell people to use the website if it’s been compromised, but a web search does not indicate anything about such an event. So I need to know if this is a false positive as soon as possible.
EndPoint Protection Suite version 8.0.1603 (with SOA 1.3.3.35)
Virus Definitions version 140430-0
I don’t understand your reference to “the download” though. I don’t see any option to download anything on the wiggio.com page. Avast appears to be detecting a script, which it blocks. The site then displays a message stating that “there was a problem loading a necessary script file”.
But if there’s something that can be downloaded there that is a threat I definitely want to know about it.
" Security issue with IFrame based HTML hosting. This results in serious issues with the IFrame staying on top and obscuring important pop-ups.
the iFrame is hidden temporarily while the pop-up is dismissed. Impact is Cross Domain Information Disclosure Vulnerability. A malicious site may be able to modify the iframe of a site in an arbitrary external domain. Attackers could exploit this to gain access to sensitive information that is associated with the external domain. Other attacks are also possible, such as executing script code in other browser security zones. info credits SecurityFocus - mozilla,
** Funny that Web Security scan finds the iFrame flag on the no-op tag, used in assembler-level programming as filler for data or patch areas,
No-op tag could for instance be used to mark out the start and end of a chunk of HTML to be Ajaxed
We have been using this website with Avast here for several months but today was the first time Avast displayed a warning about it. Is it possible to know whether this is because something on the website changed, or did something in Avast change since yesterday?
That would help me to decide whether to permit access to it; if it’s only Avast that changed, then I would presume the site is as safe today as it was yesterday.
We have been using this website with Avast here for several months but today was the first time Avast displayed a warning about it. Is it possible to know whether this is because something on the website changed, or did something in Avast change since yesterday?
With a variant on what Pondus stated in his above posting:
“And what was being blocked to-day can become unblocked via the next virus update.” ;D
Glad to announce the site is no longer being blocked by avast!
Based on everything I read, it appears the primary reason for the block was “riskware”, which, while a good thing to be aware of, is not, in my opinion, a sufficient reason for blocking a site.
