A "new" pack is advertised on underground. Thanks Kahu Security for locating and providing initial image of the advert.
In fact I faced it before seeing the advert, and reading it really puzzled me.
 |
| Initial advert for SafePack as spotted by @KahuSecurity |
What i faced was not matching this at all.
No CVE-2011-3402 (Duqu like fontdrop), no CVE-2013-0634 (LadyBoyle), no CVE-2013-1493
So I was kind of lost...This advert could be for Popads or Old version of Cool EK but not for what i saw.
But...going back checking if I could find more information :
 |
| Updated Advert - more realistic :) |
Ok. Sound better !
Here is btw the image that we are supposed to see in the advert :
 |
| Screenshot Provided in the advert |
And now here is what i faced :
 |
| CritXPack for sure ! hum... |
As CritXPack was kind of calm past days...i checked :
 |
| Safe Pack v2.0 Login Screen |
I see two explanation :
1- CritXPack (Formerly Vintage Pack) is now called Safe Pack v2.0
2- Safe Pack v2.0 is a rip of CritXPack...
Don't know for sure...based on initial advert + ProHack's other posts I bet for option 2.
Anyway won't make a full review of this pack.
As i was not aware of CVE-2013-1493 in CritXPack I tried that against Safe Pack v2.0
And yes...you are safe with java 7u15 and 6u41.
Chances are low to see major updates on this pack.
<edit1 2013-04-26>
</edit1>
<edit1 2013-04-26>
 |
| Safe Pack v2 - Private version of CritXPack now gone into commercial sales (?) |
Files:
SafePack_2pass_2013-04-20.zip (OwnCloud via Goo.gl)
Read More:
Meet CritXPack (Previously Vintage Pack) - 2012-11-12