Welcome to WebmasterWorld Guest from 23.20.193.33

Forum Moderators: incrediBILL

Message Too Old, No Replies

Latest Version FF has severe security flaw

Another Javascript hole...

     
2:31 am on Jul 15, 2009 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7664
votes: 521


An unpatched memory corruption flaw in the latest version of Firefox creates a means for hackers to drop malware onto vulnerable systems.

Security notification firm Secunia reports that the security bug (which it describes as extremely critical) stems from errors in handling JavaScript code. The flaw has been confirmed in the latest 3.5 version of Firefox, released in late June.

Older versions of the popular alternative browser might also be affected, Secunia warns.

Exploit code has been uploaded onto recently revived security exploit website milw0rm, a factor that could hasten the development of more attack code.

Secunia advises Firefox users to avoid browsing untrusted websites or following untrusted links pending the availability of a fix from Mozilla (there's nothing in the pipeline just yet).

Reported at The Register
[theregister.co.uk...]

I suspect those of us who turn Javascript off, or use NoScript may not have quite the same concerns...

3:16 am on July 15, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Not a good week for browsers... Firefox/3.5 with one vulnerability, SeaMonkey/1.1.17 with one still not updated after several weeks, and MSIE8 with two -- one patched today, but another still outstanding.

For those who often end up on questionable sites while reviewing backlinks, etc., it'd be a good week to test-drive Chrome, Opera, or Apple Safari if disabling JS is not an option for your testing.

Jim

3:37 am on July 17, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Firefox/3.5.1 is now available to fix this issue.

Jim

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members