Same Origin Policy seriously broken since 1996 - no solution in sight!

Hi malware fighters,

An error in the way browser security is implemented for important elements like Flash and Java makes it possible for an attacker to penetrate VPNs and firewalls and generate numerous zombies in this manner. A Stanford University team demonstrated a couple of months ago how they were able to infect 1000.0000 computers through a Flash ad costing only 100 dollars, and the problem was also debated during the latest Blackhat & Defcon conferences.

The crux of the problem is the “Same Origin Policy” security mechanism, which uses sandboxing and prevents JavaScript loaded from one domain from running in the context of another domain or accessing that domain's properties. This concept may sound rather simple, but implementing it correctly is a very intricate task. While researchers knew about the issue way back in 1996, a permanent fix might still be a long way off.

"The same origin policy is a good policy as such, but it is totally broken in most of its implementations," said David Byrne, a researcher who presented this subject. Eleven years ago they warned against this problem: “This attack is dangerous when browsers sit behind a firewall, because a malicious applet can attack any machine behind this firewall.”

The attack is known as domain-name service (DNS) rebinding, and it means that data is sent from and to the local network without the firewall being able to interfere. To prevent this problem, Sun and other developers, browser developers included, outlined a technique named DNS pinning, which does not allow the IP address for a given domain to change for a certain period of time. This security measure can be circumvented by DNS anti-pinning techniques. Furthermore, browsers and plug-ins like Flash and Java use separate tables for the pinned domains, which can also be attacked.

Both Microsoft and Mozilla are looking for a solution to this problem. Experts say it will take criminals another two to three years before they use this maliciously.

Read here: http://www.securityfocus.com/news/11481/1

polonus
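To make the two defences mentioned in the post concrete (a resolver that refuses "rebound" answers, and a single shared pin table instead of one per plug-in), here is a small Python illustration. It is an added example, not code from the post or from any browser or vendor; the internal suffix ".corp.test", the sample names and the addresses are all constructed for the demonstration.

```python
import ipaddress

# Address ranges that a name from the public internet should never resolve to.
# The list is an assumption for this example; extend it for your own network.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 private space
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",      # loopback, link-local, "this" network
    "::1/128", "fc00::/7", "fe80::/10",                 # IPv6 loopback, ULA, link-local
)]


def is_internal_address(addr: str) -> bool:
    """True if addr falls in a range that lives inside the firewall (see INTERNAL_NETWORKS)."""
    ip = ipaddress.ip_address(addr)
    # An IPv4-mapped IPv6 address (::ffff:192.168.1.1) must be judged by its IPv4 part,
    # otherwise it slips past an IPv4-only check.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in INTERNAL_NETWORKS)


def filter_rebinding(name: str, addresses, internal_suffixes=(".corp.test",)):
    """Resolver-side check: strip internal addresses from answers for external names.

    Names under internal_suffixes (assumed here: .corp.test) may legitimately resolve
    to internal addresses; any other name answering with an internal address is
    treated as a rebinding attempt and the address is dropped.
    """
    if name.endswith(internal_suffixes):
        return list(addresses)
    return [a for a in addresses if not is_internal_address(a)]


class PinTable:
    """One pin table shared by every resolver in the client (browser and plug-ins alike).

    The first address seen for a name is kept for at least min_pin seconds; a changed
    answer inside that window is ignored, which is the DNS pinning idea from the post.
    """

    def __init__(self, min_pin: float = 60.0):
        self.min_pin = min_pin
        self._pins = {}  # name -> (pinned address, time it was pinned)

    def resolve(self, name: str, answer: str, now: float) -> str:
        pinned = self._pins.get(name)
        if pinned is not None and now - pinned[1] < self.min_pin:
            return pinned[0]  # still pinned: keep using the original address
        self._pins[name] = (answer, now)
        return answer


def host_header_allowed(host_header: str, allowed_hosts) -> bool:
    """Server-side check for an internal service: accept only the hostnames it is
    meant to be reached by. A rebound request carries the attacker's domain in Host."""
    host = host_header.rsplit(":", 1)[0].lower()  # strip a port; bracketed IPv6 is not handled here
    return host in {h.lower() for h in allowed_hosts}


def run_sample():
    """Constructed scenario: an ad domain first answers with a public address, then
    rebinds to a LAN address inside the pin window, then again after it expires."""
    pins = PinTable(min_pin=60)
    first = pins.resolve("ads.example.test", "203.0.113.10", now=0)
    rebound = pins.resolve("ads.example.test", "192.168.1.20", now=5)   # inside window: ignored
    later = pins.resolve("ads.example.test", "192.168.1.20", now=61)    # window expired: accepted
    filtered = filter_rebinding("ads.example.test", ["192.168.1.20"])   # resolver drops it anyway
    return first, rebound, later, filtered


if __name__ == "__main__":
    print(run_sample())
```

The two checks are complementary: pinning only delays the rebind (as the post notes, anti-pinning tricks and per-plug-in tables get around it), whereas a resolver or gateway that refuses internal addresses for external names, and an internal service that validates its Host header, hold regardless of how the browser caches. Real resolvers offer the first check as a built-in option (dnsmasq's --stop-dns-rebind, for instance).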

[quote]Both Microsoft and Mozilla are looking for a solution to this problem. As experts say it will take criminals another two to three years before they will use this maliciously.[/quote]
[b]Would you like to wager your system security on that statement?[/b] >:(

If they know it’s broken, then it needs to be fixed. Making the crooks aware of the breach is an open invitation for them to start exploiting this hole.

Hi bob3160,

That is right, but it is as if some Ajax and other web developers do everything to break the Same Origin Policy. A very good article on the subject can be found here:
http://taossa.com/index.php/2007/02/08/same-origin-policy/

polonus