1. Offline

    DonDNH Active Member

    Member Since:
    Feb 3, 2004
    Posts:
    813
    Likes Received:
    25
    Location:
    Nashua, NH
    Your Vehicle Year:
    2010 Prius
    Model:
    V
    "A pair of unpatched vulnerabilities in Mozilla's Firefox Web browser -- rated as "extremely critical" by one security firm -- could allow an attacker to take control of a PC simply by getting a user to visit a malicious Web site, Mozilla said Sunday.


    Because proof-of-concept code has been leaked -- as were the vulnerabilities -- before a patch was ready, Mozilla recommended that Firefox users either disable JavaScript or lock down the browser so it doesn't install additional software, such as extensions" or themes, from Web sites."



    http://news.yahoo.com/news?tmpl=story&u=/c...c_cmp/163100381
  2. Offline

    bookrats New Member

    Member Since:
    Mar 12, 2004
    Posts:
    2,843
    Likes Received:
    0
    Location:
    Seattle, WA
    Thanks for forwarding this, Don.

    I've switched off the "Allow Downloads" in my Firefox 1.0.3 version. (Though Firefox has always asked me first re: I want to download updates first.)

    As with any of these articles, I wonder on the validity of the research -- are they being alarmist, etc. However, this looks pretty solid.

    Appreciate you alerting us!
  3. Offline

    Sufferin' Prius Envy Platinum Member

    Member Since:
    Jul 7, 2004
    Posts:
    3,998
    Likes Received:
    8
    Location:
    USA
    Your Vehicle Year:
    Other Non-Hybrid
    The fix has landed!

    Firefox 1.0.4 is now available. There was some confusion earlier about a nightly release being called the final version . . . but this is it.
    My "About Firefox" says 1.0.4

    http://www.mozilla.org/

    What's New 1.0.4

    Firefox 1.0.4 is a security update that is part of our ongoing program to provide a safe Internet experience for our customers. We recommend that all users upgrade to this latest version.

    Here's what's new in Firefox 1.0.4:

    * Several security fixes.
    * Fix to DHTML errors encountered at some web sites. For web developers, learn more.



    Gee, how long did that fix take? A couple of days!
    Firefox Rules!!!

Share This Page