Submit your breaking news stories and original articles to us by contacting us
Firefox and Mozilla Patch Exploit
Tuesday, Feb. 8 2005 | Author: jeremyA mere 12 hours after it was announced, Mozilla Foundation has already patched the holes in its software that allow sites to spoof URIs, making it easier to fool people with phishing scams.
In the software world, that is a pretty fast turn around and shows the benefits of open source software. Unless you download only the major releases, Firefox and Mozilla are essentially releasing new versions every 24 hours. Some include minor fixes that go unnoticed to those don’t read the changelog. Others are pretty big changes that could affect millions of users.
How often does Microsoft release a new version of IE?
By the way, Firefox is quickly closing in on the 25 million download mark.
Related posts:
Mozilla releases first Firefox 2.0 update
Mozilla offers Temporary Fix for Firefox Flaw
Happy 5th Birthday, Mozilla Firefox!
Windows Metafile Exploit Patch Available
8 Vulnerabilities Discovered In Firefox/Mozilla
Hope you like that post!
Forever Geek is a resource for all things geek. You can stay tuned by having the latest FG news delivered to you for free via RSS.
Category: Uncategorized
Tags:
Latest Features
Five concept watch designs that make you calculate the time
Steam: Diplomacy of Digital Downloads over Retail Boxes
Best of CES 2010 (Part One): 3DTV, Audio, Display, Processors, Gadgets
A Decade of Zombies IV: Epidemic Rooted in Society
3 Responses for "Firefox and Mozilla Patch Exploit"
February 9th, 2005 at 00:12
1I think it’s fantastic how much good “press” Firefox is getting for that 12 hour fix, when you consider the fact that, um, it ain’t a fix for the ’sploit, it’s a fix for the fact that until sometime in December, we were ignoring a whole set of prefs including the one to disable IDNs, except for right when you set them. That fix enables you not get phished by letting you completely prevent yourself from getting to domains with non-ASCII characters (except of course that there’s generally an ASCII-only alternative around, since the 800lb gorilla hasn’t implemented IDN yet).
February 9th, 2005 at 02:04
2Personally, I don’t see how it really fixesa problem unless they are releasing an actual PATCH to the released version of Firefox. Telling a corporation with 500 machines (or 5,000) running Firefox that they need to download the nightly build instead of patching the released build is not really acceptable. That nightly build will have all sorts of bugs from other code churn. Do people really think that it doesn’t matter?
When I get an IE patch, it’s a PATCH to the SHIPPED version so I don’t have to go redeploy the entire browser (and an untested version at that).
February 9th, 2005 at 09:10
3Speaking of Firefox upgrades, do you still have to remove the version installed, before upgrading to another build?
RSS feed for comments on this post
Leave a reply