30 Nov
2016
30 Nov
'16
9:16 a.m.
On 11/29/2016 04:57 PM, Ben Mezger wrote:
"This is an Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown but it's getting access to "VirtualAlloc" in "kernel32.dll" and goes from there. Please fix ASAP. I had to break the "thecode" line in two in order to post, remove ' + ' in the middle to restore it."
https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html
Does this do anything against non-Windows systems? -- Shawn K. Quinn <skquinn@rushpost.com> http://www.rantroulette.com http://www.skqrecordquest.com