Current and Important Security News: Firefox 3.0 Vulnerability
June 20, 2008 at 2:29 pm Leave a comment
The new browser version, which was finally released as non-beta a couple of days ago. In an extreme surprise, users shouldn’t click on links without all due caution, particularly in e-mails from strangers. I’d advise not taking candy from strangers, either. The most likely thing is visiting a rigged website, although it would be possible to trigger any kind of executable from a link, including downloads–my particular gripe with Firefox, because I’ve initiated downloads myself that I could have easily missed if I’d done something by mistake. I haven’t really poked around a lot to disable the download manager but in this iteration couldn’t do it easily. As is I’m completely sold on Avant. I also find myself nearly regretting I’m saying that, because if it becomes deservedly popular it’s going to get heavily attacked.
This bug was also present in 2.0, so while if whatever it is happens it’s rated potentially severe it’s evidently unlikely. Be careful typing in any web names, because a lot of hacking is based on typos (“typo-squatting”).
–Glenn
Entry filed under: computers/tech, current news. Tags: firefox 3 vulnerability, high threat, no fix yet.
Trackback this post | Subscribe to the comments via RSS Feed