Skip Links

Firefox update fixes problem with Internet Explorer

By Jeremy Kirk, IDG News Service
July 18, 2007 12:15 PM ET
  • Print
. What's this?

A new update for the Firefox browser fixes an unusual vulnerability that could cause malicious code to run if the browser is launched by Microsoft's Internet Explorer.

The critical vulnerability involves Internet Explorer's ability to launch other applications such as Excel or Firefox after a user clicks on a specially written link in a Web page. Explorer does not properly check the syntax of the link, which could allow a malicious link to attack Firefox if launched, according to Mozilla, the open-source project that develops Firefox.

Microsoft said it didn't feel it was an issue for Explorer. Either way, Firefox's 2.0.0.5 release fixes the problem by now validating incoming data. The update will automatically be pushed out to Firefox 2.0 users via the built-in update system, Mozilla said in an advisory.

The update also fixes seven other vulnerabilities, two of which are considered "critical" by Mozilla. One problem, labelled 2007-18, is a memory corruption problem that could cause arbitrary code to run on a machine. The other, 2007-21, could also allow arbitrary code to run.

Related Content

The IDG News Service is a Network World affiliate.

  • Print
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed