Quantcast

Maxthon Beats Microsoft to the Punch Creating Barrier to Zero-day Attacks

January 21, 2010

BEIJING, Jan. 21 /PRNewswire-Asia/ — Maxthon announced its browser
already has in place technology that blocks zero-day “Aurora” hacking attacks
such as the one that broke into computers run by 20 companies, including
Google, Adobe, and Juniper Networks, making away with intellectual property.

The attack exploited a previously unknown vulnerability, nicknamed Aurora,
in Internet Explorer. The attacks took advantage of buffers in a file,
mshtml.dll, engineers at Maxthon explained. When the buffers are flooded with
more data than they can store, it creates an opening to a computer, through
which a trojan is downloaded. The trojan program gives access to the
compromised computer that the attacker can use to scan and download files.

The latest version of Maxthon Browser 2.5.12 beta, under testing since
late 2009, already has a security measure included called “Safe Box” that
protects against Zero-day vulnerabilities such as that exploited by Aurora.
Zero-day refers to a weakness that has not yet been spotted or fixed by a
program’s developers. When the first victim triggers the attack by opening an
infected email, download, or Web site, that is the “zero-day.” Microsoft has
so far not issued a security patch although it has promised one by January 21.
Users of the latest version of Maxthon are already protected against such
attacks. It can be downloaded at the Maxthon Forum:
http://forum.maxthon.com/viewthread.php?tid=77881 .

A person using Maxthon and who is tricked into an Aurora trap would see a
dialog box similar to this one.
http://blog.maxthon.com/wp-content/uploads/2010/01/1.jpg

A harmless simulation of the Aurora vulnerability is provided for
demonstration at http://www.maxthon.com/test/security.htm .

If your browser is not protected by methods such as the Safe Box in
Maxthon, the demonstration could crash your computer or launch Windows’
calculator, but it does no permanent damage.

More information on Maxthon Browser is available at
http://www.maxthon.com/index.htm .

    For more information, please contact:

    Western Hemisphere:
     Ron White
     Email: ron@maxthon.com
     Phone: +1-210-683-1444
     Web:   http://twitter.com/Maxthonguy

    Eastern Hemisphere:
     firs73 a.k.a Selena
     Email: firs73@maxthon.net
     Web:   http://twitter.com/firs73

SOURCE Maxthon


Source: newswire



comments powered by Disqus