When I have accessed ASN tonight Avast has popped up with a Malware block as if ASN is running a virus. Just thought I would let you know. It seemd to be a .jp website/link blocked but cant find log at the mo. EDIT: This is the URL apparently http://d1ros97qkrwjf5.cloudfront.net/42/eum/rum.js
Thanks for the info - that type of thing is sometimes seen in header injections - I'll look into it... Rob
I actually noticed Avast saying it blocked this exact URL on 2 different, unrelated sites in the past 15 minutes, and so Googling it naturally brought me here. I just thought you should know that this may be a more widespread problem than specific to ASN, so make sure you check other JS libraries/etc that are used.
Further info: it seems to be an XSS injection into the SnapWidget JS. I'd suggest removing the snapwidget code until they fix it on their end.
Wow, it's a knight of the road who registers to pass on a heads-up, thanks very much. We're checking through stuff now, but a you say, if a library has been compromised it might be that a resolve is as much dependent on others as it is us... We'll keep you all posted as the situation develops... Thanks again, Rob. PS> If anyone sees any further symptoms, please advise here. EDIT: I was typing as you replied... Again, thanks for the heads-up, I'll pull it now - we'd be grateful if anyone still finding warnings could advise...
No problem, glad I could help. A security hole this big is too serious to not spread the word. I've emailed the snapwidget support team, so let's see what they do / how long it takes to fix it. UPDATE: I've done some more investigation and it may be that this is just an Avast false positive. (See: https://www.vbulletin.com/forum/sho...p-d1ros97qkrwjf5-cloudfront-net-42-eum-rum-js and http://forum.avast.com/index.php?topic=112266.0).
