My Tractor Forum banner

1 - 6 of 6 Posts

·
A day ahead of y'all..
Joined
·
4,597 Posts
Discussion Starter #1
For those of you who use Firefox browser, there is an update for it to the latest version of 1.0.2. I use Firefox amlost exclusiverly on my XP machine (yeah, I know...what a step down from th Macs.....(LOL) but I use Firefox on them also as my 2nd browser, after Safari.

It can be found here: http://www.mozilla.org/

Greg
 

·
Registered
Joined
·
1,313 Posts
Updates already? Didnt it just come out? LOL oh yeah they forgot some of the generic security holes....Ooops :00000060:
 

·
Registered
Joined
·
1,313 Posts
Lots of updates on both sides of the fence, but not fixing what was broke the first time, is just lame....

Ducati


=================================================
Security Holes Bite Firefox

Mon Apr 18, 1:00 PM ET Technology - PC World


Matthew Broersma, Techworld.com

Firefox has been hit by no less than eight security flaws, six of which are also found in the older Mozilla suite.


• Mozilla Patches Firefox Hole
• Symantec: Hackers Turn Attention to Mozilla Browsers
• Mozilla Ditches Browser Suite
• Are Fewer People Switching to Firefox?
• Mozilla Warns of Firefox Security Holes

The vulnerabilities could allow an attacker to take over an affected system, carry out cross-site scripting and bypass some security restrictions, the Mozilla Foundation warned at the same time it released patches for the holes. Independent security firm Secunia gave the updates a "highly critical" rating.


As Firefox gains market share its handling of security issues is drawing more scrutiny. The patches, issued on Friday, are the third round of security fixes for Firefox and the seventh update for the 1.7 version of Mozilla. The Mozilla project has stopped major development on the suite, but is continuing to fix security flaws.



Patch Lineup

Two of the flaws affect Firefox only: an input validation error when processing the "pluginspage" attribute of the "embed" tag for plugins, which can be used to inject JavaScript code, and a bug in the sidebar that could allow cross-site scripting.


The remaining six bugs affect both browsers. Certain pop-ups can execute malicious code on a user's system, if the user opens the pop-up. A bug in the way windows and tabs are handled can allow malicious code from an untrusted site to execute in the context of another site. A bug involving the URLs of "favicons" icons allows JavaScript code to execute with escalated privileges.


A bug in installing search plug-ins can allow malicious code execution, but requires tricking the user to install a specially crafted search plug-in. Input validation errors in InstallTrigger and other XPInstall-related JavaScript objects could allow malicious code execution.


Finally, a problem with the "chrome" user-interface code in validating DOM nodes allowed several exploits that could allow malicious code execution or data theft, requiring only trivial user actions such as clicking on a link.


The updates, version 1.0.3 of Firefox and 1.7.7 of Mozilla, are available from the Firefox and Mozilla download pages. The project said a number of extensions were broken by the updates, but most extensions have now been revised to work with the new versions.
 

·
Registered
Joined
·
8,508 Posts
Lots of updates on both sides of the fence, but not fixing what was broke the first time, is just lame....

Ducati



Are you not talking about Internet Exploder are you? ROF
 

·
Registered
Joined
·
1,313 Posts
MowHoward2210 said:
Lots of updates on both sides of the fence, but not fixing what was broke the first time, is just lame....

Ducati



Are you not talking about Internet Exploder are you? ROF
No Mozilla and Firefox ROF
 

·
Administrator
Joined
·
11,858 Posts
I updated to 1.7.7 Mozilla last night. I had an IE update a few days ago. If this keeps up I will need a high speed connection to get anything done besides updates. At least with IE the security update file sizes are generally smaller and you don't have to delete and reload the program.
 
1 - 6 of 6 Posts
Top