Monthly Archives: April 2009

Office 2007 SP2 Released

Microsoft Office 2007 Service Pack 2 has been released, it contains all of the Public Updates, Security Updates, Cumulative Updates, and Hotfixes released through February 2009.

Download Microsoft Office 2007 Service Pack 2

Open Redirect at Ask.com

Spammers have found an open redirect in the ask.com website. These redirects are often used to mask their URL’s from RBL’s and services like Spamcop.

Redirect:
http://wzeu.ask.com/r?t=lyc&u=http://www.microsoft.com/

I have put Microsoft in as an example here anyone can put any URL in at he end to use this redirect. I have filed a support ticket with Ask about this.

A redirect that they were using at Go.com is still open a month later even after I sent them notice of it. (Lazy)

Mozilla Firefox 3.0.9 Released

Firefox has been updates to version 3.0.9, list of fixes follows:

  • MFSA 2009-22 Firefox allows Refresh header to redirect to javascript: URIs
  • MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame
  • MFSA 2009-20 Malicious search plugins can inject code into arbitrary sites
  • MFSA 2009-19 Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
  • MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings
  • MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme
  • MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI
  • MFSA 2009-15 URL spoofing with box drawing character
  • MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)

Fixed in Firefox 3.0.9