New “Extremely Critical” Security Holes Discovered in Firefox - 1,351 Views, 4 Comments
|
Previous Article « Breaking News! Court Strikes Down FCC’s Broadcast Flag!
Read Next Article » New Windows AIM Virus Invites You to the Pub
Of course, it’s also been said that one reason that Microsoft products are so hellatiously leaky security-wise is because with the enormous market-share that Microsoft has, they are the biggest targets for hackers, virus-writers and other packet-sucking scum. Perhaps there is some truth to that, and equally some truth that such products come under increased scrutiny from the security sector as well. And with Firefox’s increased market-share it only stands to reason that they too would come under such focus. And thus it was that this week it has been reported that two new vulnerabilities have been reported in Firefox, even version 1.0.3, which is the latest version. Researchers at security company Secunia, calling the holes “extremely critical”, have found that the newly discovered vulnerabilities can be exploited in tandem to allow hackers to gain remote access and control of compromised systems by using what is known as a “cross-site scripting attack”. The vulnerabilities involve both JavaScript, and a software installation setting which would ordinarily allow sites such as mozilla.org to perform software updates. Until Mozilla releases a fix, Secunia advises that Firefox users disable JavaScript, as well as the software installation option in Firefox.
Follow Anne on
Twitter 
Friend Anne on Facebook
Firefox, which is by all accounts and measures a superb web-browser, recently celebrated their 25millionth download. Yes, you read that right - Firefox has been downloaded twenty-five million times, and in large part this is due not only to its excellent user interface, but its generally providing a much more secure browsing experience than, say, Internet Explorer.
New “Extremely Critical” Security Holes Discovered in Firefox
Twitter Explained in Plain English
Previous Article « Breaking News! Court Strikes Down FCC’s Broadcast Flag!
Read Next Article » New Windows AIM Virus Invites You to the Pub
Read more:
» New Security Update for Firefox Fixes High Risk Issues
» Firefox Flaw Found and Fixed (Get the Patch)
» No Wait, These Ã…re the Last Two Windows Holes of the Year
» FireFox Security Holes Lead to Warning
For additional similar stories check out our archives on Security
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
http://www.mozilla.org/security/announce/mfsa2005-42.html
Short version: most people have no reason to worry, but check it out, in case you have atypical settings.
Comment by Ville — 5/10/2005 @ 12:44 am
Read Brian Livingstone’s update on this matter - it’s most helpful. http://windowssecrets.com/comp/050512/
Comment by Nigel Perels — 5/13/2005 @ 2:45 am
Firefox 1.0.4 is now the latest version. The authors are more current in fixing the security problems than I am in my newsletter reading.
Comment by Ken — 5/22/2005 @ 3:23 pm
The latest version is now 1.0.4.
Comment by Ken — 5/22/2005 @ 3:26 pm