Firefox 2.0.0.5 has been released

Status
Not open for further replies.
thx. yeah, java was the only thing that it didn't fix. how did you fix it it, trotter?

Haven't bothered to fix it yet. I was going to use NTT to force it. Did it not work?
 
Password Vulnerability In Firefox 2.0.0.5

All you Firefox users out there should be aware of this recently discovered password vulnerability in Firefox 2.0.0.5. Hit the link for all the details.


According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords.
 
Password Vulnerability In Firefox 2.0.0.5

All you Firefox users out there should be aware of this recently discovered password vulnerability in Firefox 2.0.0.5. Hit the link for all the details.

According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords.
Who doesn't use NoScript? (Allow javascript on a site-by-site basis.) No problem. :)

They say they're "discussing" removing the password feature...hah, that would suck. Patch it and move on...!
 
The Mozilla Foundation acknowledged over the weekend that its own Firefox browser allows links that can send malicious code to external programs, a security issue that the group had previously argued should be fixed by the browser maker.
In early July, three researchers found a way to execute code in Firefox - and potentially other Windows programs - by passing it a malicious uniform resource identifier (URI) from Internet Explorer.


The discovery lit off a firestorm of finger pointing: The Mozilla Foundation argued that IE should validate the URI before passing it along to another program, while Microsoft stated that input validation is the responsibility of the receiving program.
Over the weekend, another researcher discovered that Mozilla Firefox has the same security issue. The Mozilla Foundation acknowledged the problem on Monday.
"We thought this was just a problem with IE," Mozilla's chief security officer Window Snyder said in a blog post. "It turns out, it is a problem with Firefox as well."
In the latest versions of their products, Microsoft and the Mozilla Foundation have focused on security. In Internet Explorer 7, Microsoft added anti-phishing features, the ability to run in protected mode on its latest operating system, Windows Vista, and severely culled problematic ActiveX controls. In Firefox 2.0, the Mozilla Foundation also added anti-phishing features and the ability to clear private data.
Mozilla is now looking into the issue to determine its response to the problem.
 
Mozilla Flaw Attack Code Published

According to InfoWorld, Mozilla is working on a patch for its Firefox browser after a hacker posted details of a flaw that could let intruders run unauthorized software on a victim's machine.


The flaw lies in Firefox's URL handler component, which was the source of another bug Mozilla disclosed Tuesday. This second flaw was disclosed Tuesday by Billy Rios and Nathan McFeters, security consultants with VeriSign and Ernst & Young, respectively. Like the first flaw, this one could be exploited by attackers to launch programs on the victim's PC without authorization.
 
"no it don't. you allow the scripts on trusted sites"

which is a time consuming inconvenience, i visit about 15 sites a day, and run ccleaner a couple times a week, which means I'd constantly be deciding which scripts to run making it more trouble than its worth.
 
CCleaner does not affect permissions in NoScript. I love using NoScript, as it gives me an extra layer of protection when surfing.
 
Status
Not open for further replies.
Back
Top Bottom