Hello, welcome to the Thursday, January 26, 2017 edition of the Sandsenet Storm Centers, Stormcast. My

name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida. It looks like the Cisco

WebEx plugin issue will stick with us for a little bit longer. First of all, Cisco released an updated bulletin, including

Firefox and an explorer in the list of vulnerable browsers. So it's not just Google Chrome.

Some of expected, given the nature of the flaw, it wasn't specific really to Chrome, but more to the way that this plugin works.

Second, Travis Ormandy from Google, did state that they found additional remote code execution

vulnerabilities in the plugin. Now, there are no details known yet about these vulnerabilities.

They have reported them to Cisco, so hopefully

Cisco will release updates soon. If you are relying on WebEx and if that's your remote

communication suite of choice, you probably use it several times a day. There isn't really much

you can do at this point other than

possibly disabling the plugin if you're not actively using it that may help here

or just use one browser with the plugin installed for your video conferencing needs

and then set up a second browser for all of your

other browsing. But just to be clear, the big deal here was that there was an exploit available

for this vulnerability. That vulnerability has been fixed. The other vulnerabilities, there

is at least no public exploit at this point, so you may have a little bit

time to wait for Cisco to come up with a patch. And Xavier wrote up a malicious SVG file that he

found in the wild. Now SVG are images that distinguish themselves by being vector-based. So this way they

nicely scale SVG stands for scalable vector graphic. In addition to just having sort of expressions

for lines and circles and alike, you may also embed JavaScript in these images in order to modify these SVG images

on the fly. Of course, this can be abused, and that's what these malicious files took advantage

...