Netscape Users Vulnerable to New Security Breach

A new hole has been dug and Netscape users are falling in. A little java applet called Brown Orifice, named for a hacker utility called Back Orifice, is out there lurking in cyberspace. The applet can reside on any web site and you can’t see it if it’s there. If you access a web site containing the applet, the applet will run in the background, providing access to the files on your hard drive.

The applet was created by, Dam Brumleve, a security expert who chanced on the programming code last week. Brown Orifice is not all bad. The applet can be used non-maliciously for trading files among a community of users on different computers. In the wrong hands, however, the applet can cause a security breach.

In addition to lurking on web sites, the Brown Orifice applet can be sent in an email message and simply clicking on the message will activate the applet. When running, the applet provides full access to your files until Netscape is shut down. Netscape versions 4.5 to 4.7 are affected.

Netscape officials are aware of the problem and claim a fix will be available soon. Netscape version 6, which is due for release later this year, will not be vulnerable to this applet, according to Andrew Weinstein, a spokesman for Netscape. A preview version of Netscape 6 is currently available for download at the Netscape web site.

Meanwhile, Netscape users can turn off java, which will prevent the applet from running, by clicking on the Edit menu, choosing Preferences, then choosing the Advanced option. Make sure that the “Enable Java” option is not checked.

You may like these other stories...

Cybersecurity is no longer the domain of an organization's IT staff. It's moved to the boardroom, and in a big way. Accountants and financial managers may have been thinking it's just the province of the tech...
You probably don't want to think about how many times you access the File menu in Excel 2010 or 2013. Personally I think Excel 2010 has the best possible File menu arrangement, other than having Print Preview grafted...
Following other recent high-profile hacking events, investigators discovered yesterday that hackers broke into the draft work paper files of several famous CPA firms. Revealing images of the scantily clad documents have been...

Already a member? log in here.

Upcoming CPE Webinars

Sep 24
In this jam-packed presentation Excel expert David Ringstrom, CPA will give you a crash-course in creating spreadsheet-based dashboards. A dashboard condenses large amounts of data into a compact space, yet enables the end user to easily drill down into details when warranted.
Sep 30
This webcast will include discussions of important issues in SSARS No. 19 and the current status of proposed changes by the Accounting and Review Services Committee in these statements.
Oct 21
Kristen Rampe will share how to speak and write more effectively by understanding your own and your audience's communication style.
Oct 23
Amber Setter will show the value of leadership assessments as tools for individual and organizational leadership development initiatives.