Hi malware fighters,
Recently we see a trend on the increase and that is websites that are infected with malicious code.
We see more and more that users of avast report in the "virus and worms" that avast prevented them from connecting to a particular site and they had to "disconnect, and most important of all have not been infected that way!
This is an example of the fact that avast does what it should do and protect the user from possible malicious vectors, iFrames, redirects, injections, scripts, etc. etc., while surfing the world wide web.
Avast has a very good detection rate here, and is even getting better still. So I am glad to be part of the avast community, grateful for what the forums have taught me security wise, and proud of the improvements that avast is realizing all the time. Chapeau!
Remember here that for the biggest av vendors the situation is a bit worse, because malcreants test their malware against these scanners all the time to be able to pass "under the radar".
For a survey of these attack signatures, and an oversight of what threats lure out there:
http://www.symantec.com/business/security_response/attacksignatures/index.jspThat is why having Secunia PSI running in the background is a good advice for all security aware PC users: download this background tool from here:
http://secunia.com/PSISetup.exeIf you do not believe the necessity then do the online scan:
http://secunia.com/vulnerability_scanning/online/ ,and see what third programs you have forgotten to update or patch...
Some of these threats like this one (that avast blocks perfectly), described here:
http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=50118 are only when you browse with IE. So it is IE-specific vulnerability, or you have patched it.
But there are also vulnerabilities that are specific for Firefox.
The best protection to use on top of having avast at the background is installing the NoScript add-on for your Firefox browser:
http://noscript.net/?ver=1.8.9.7&prev=1.8.9.2I have not seen any browser related vulnerability that NoScript did not protect against, and it even protects against 0-days and things that have not been detected yet, so better install that extension.
Keep safe and secure online,
polonus