Today, the security firm Secunia has released 8 more security bugs it has discovered in Mozilla products, including Firefox and Thunderbird.
If you have downloaded the Firefox 1.0.1 update, you have nothing to worry about. The Mozilla 1.7.6 and Thunderbird 1.0.1 released should be out this week as well. The exploits “could be used by criminals to spoof, or fake, various aspects of a Web site, ranging from its SSL secure site icon to the contents of an inactive tab.”
This announcement comes 1 day after iDefense announced a vulnerability is Mozilla 1.7.3 and Firefox 1.0 that would allows hackers to “create a memory heap overflow, which then allow remote code execution and a compromise of the system.”
In other Firefox news, Asa has been covering the rollout of automatic updating by the Firefox crew for updating to 1.0.1.
Hi. Actually, I don’t think Secunia discovered these. The TechWeb article was a bit misleading in that respect.
The original Mozilla advisories are available at:
http://www.mozilla.org/security/announce/
Stuart
I can’t wait for firefox 1.0.2 to come out to fix the next round of Vulnerabilities to be fix. And Remember Use Tootie!!
Wal, fook mah pook!
Haha! I’ll bet Micro$oft is funding a project to find and expose as many bugs in FireFox as possible. With Firefox taking almost 10% market share now, they have something to worry about. Fortunately, all the fanatics will help out to make it FireFox even better! Do your worst ;-)
http://it.slashdot.org/article.pl?sid=05/03/02/2314234&tid=154&tid=172
Your article appeared on the front page of Slashdot this afternoon.
wat tho fok?
Mr l33t yes it’s all a microsoft conspiracy isn’t it. Now that firefox is gaining in user acceptance expect more exploits to be discovered and exploited.
And the reason why safari and opera don’t have documented exploits is …. market share.
It can be fixed on FireFox:
http://users-guide.org/index.php?c=text&id=82
Actually, it would behoove M$ to try to take out their competition early. That’s more than just hardball business tactics, that’s the way they’ve operated in the past. So while Mr 3l3t was clearly being humorous, there’s a serious underside to it all. Knowing of the Halloween documents, and all the times M$ has ripped off customer information makes me suspicious of them. You’d be foolish to not watch your back where they are concerned.
Goes to show that sticking with MS isn’t all that bad. I do not agree that MS is trying to take out FireFox, just a few loyal MS crackers making waves. Remember…MS does have a loyal following too.
loose diamonds Keyword doesn’t matter