Grumblar attacks


Post by Huntsman »

Zone Alarm (CheckPoint) may be using scare tactics with their current Grumblar malware campaign.
They are suggesting a PC user needs their software to provide protection, which Free Zone Alarm does not provide.

Q. Does NoScript provide any protection in Firefox (V3.0.10), against Grumblar or what I understand to be a "Man in the Middle" attack once Grumblar installs itself?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 GTB5
Giorgio Maone
Site Admin
Posts: 9524
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy

Re: Grumblar attacks

Post by Giorgio Maone »

Huntsman wrote: Does NoScript provide any protection in Firefox (V3.0.10), against Grumblar or what I understand to be a "Man in the Middle" attack once Grumblar installs itself?
NoScript does effectively prevent Grumblar (and any other similar pest) from being installed silently while you're browsing the web by exploiting a browser or, more likely, a plugin vulnerability.
Nothing can really help you once you're already infected, though, other than a thorough offline scan of your system or, even better, an OS reinstall.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)
Tom T.
Field Marshal
Posts: 3620
Joined: Fri Mar 20, 2009 6:58 am

Re: Grumblar attacks

Post by Tom T. »

Huntsman wrote: Zone Alarm (CheckPoint) may be using scare tactics with their current Grumblar malware campaign.
They are suggesting a PC user needs their software to provide protection, which Free Zone Alarm does not provide.
FWIW, this user has been using ZA Free Home for almost a decade. When ZoneLabs was bought by the much bigger Checkpoint, the commercialization pressure increased intensely, including scare tactics, "suites" of things to buy when you can get the same thing as good or better in freeware and with less bulk. (Also of interest: your d/l of ZA Free includes all of the "Pro Suite" components, locked out, of course, in the hope that you'll buy a license. I just finished hacking this 90 MB monster back into the 10 or 12 MB that is all ZA ever needed to do its firewall job, just by getting rid of the "Pro Suite" components. Do not try this at home.)
Huntsman wrote: Q. Does NoScript provide any protection in Firefox (V3.0.10), against Grumblar or what I understand to be a "Man in the Middle" attack once Grumblar installs itself?
As Giorgio said, browse safely and use NS to prevent questionable parties from running scripts or plugins. ZA's much touted "Force Field" seems about like the free/nagware tool Sandboxie, which is only a couple of MB and will insulate the browser from the rest of the system. Worth checking out, although of course this forum cannot officially endorse any third-party products. I personally agree with your assessment of scare tactics to sell the Pro Suite, to the point that I disabled the ZA Update. They were just additional attempts to sell you the Pro Suite.

Strictly my own opinion and not that of NoScript, this forum, Giorgio Maone, or anyone else. No warranties or rights conferred. Browse safely at all times and take full advantage of NoScript's capabilities. GL.

Edit: In Google, this topic right here (your post) was the second-highest hit for "Grumblar". The first two were both Security Focus. They referenced US-CERT, the US's computer security organization. I'm familiar with CERT: They once recommended Fx+NS as being the *only* way to prevent a certain exploit, pending vendor patches. I searched US-CERT for Grumblar and couldn't find anything. Security Focus said it was discovered in March, and apparently is coming under control as web sites are alerted to the attacks and users and AV products are alerted to avoiding it. FWIW.
Last edited by Tom T. on Sun Jun 07, 2009 6:36 am, edited 1 time in total.
Reason: add US-CERT and Google
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US at an expert level; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 diehard